From e683eff90337613e6b6ae122e1459b74d450afd4 Mon Sep 17 00:00:00 2001 From: John Date: Thu, 22 Feb 2024 21:25:37 +0800 Subject: [PATCH] add merged contracts --- .../hardhat/contracts/NFTMintDN404_merged.sol | 4035 +++++++++++++++++ .../hardhat/contracts/SimpleDN404_merged.sol | 3899 ++++++++++++++++ packages/hardhat/hardhat.config.ts | 20 +- 3 files changed, 7953 insertions(+), 1 deletion(-) create mode 100644 packages/hardhat/contracts/NFTMintDN404_merged.sol create mode 100644 packages/hardhat/contracts/SimpleDN404_merged.sol diff --git a/packages/hardhat/contracts/NFTMintDN404_merged.sol b/packages/hardhat/contracts/NFTMintDN404_merged.sol new file mode 100644 index 0000000..cef47c5 --- /dev/null +++ b/packages/hardhat/contracts/NFTMintDN404_merged.sol @@ -0,0 +1,4035 @@ +pragma solidity ^0.8.4; + + +// SPDX-License-Identifier: MIT +/// @title DN404 +/// @notice DN404 is a hybrid ERC20 and ERC721 implementation that mints +/// and burns NFTs based on an account's ERC20 token balance. +/// +/// @author vectorized.eth (@optimizoor) +/// @author Quit (@0xQuit) +/// @author Michael Amadi (@AmadiMichaels) +/// @author cygaar (@0xCygaar) +/// @author Thomas (@0xjustadev) +/// @author Harrison (@PopPunkOnChain) +/// +/// @dev Note: +/// - The ERC721 data is stored in this base DN404 contract, however a +/// DN404Mirror contract ***MUST*** be deployed and linked during +/// initialization. +abstract contract DN404 { + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* EVENTS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Emitted when `amount` tokens is transferred from `from` to `to`. + event Transfer(address indexed from, address indexed to, uint256 amount); + + /// @dev Emitted when `amount` tokens is approved by `owner` to be used by `spender`. + event Approval(address indexed owner, address indexed spender, uint256 amount); + + /// @dev Emitted when `target` sets their skipNFT flag to `status`. + event SkipNFTSet(address indexed target, bool status); + + /// @dev `keccak256(bytes("Transfer(address,address,uint256)"))`. + uint256 private constant _TRANSFER_EVENT_SIGNATURE = + 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef; + + /// @dev `keccak256(bytes("Approval(address,address,uint256)"))`. + uint256 private constant _APPROVAL_EVENT_SIGNATURE = + 0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925; + + /// @dev `keccak256(bytes("SkipNFTSet(address,bool)"))`. + uint256 private constant _SKIP_NFT_SET_EVENT_SIGNATURE = + 0xb5a1de456fff688115a4f75380060c23c8532d14ff85f687cc871456d6420393; + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* CUSTOM ERRORS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Thrown when attempting to double-initialize the contract. + error DNAlreadyInitialized(); + + /// @dev Thrown when attempting to transfer or burn more tokens than sender's balance. + error InsufficientBalance(); + + /// @dev Thrown when a spender attempts to transfer tokens with an insufficient allowance. + error InsufficientAllowance(); + + /// @dev Thrown when minting an amount of tokens that would overflow the max tokens. + error TotalSupplyOverflow(); + + /// @dev The unit cannot be zero. + error UnitIsZero(); + + /// @dev Thrown when the caller for a fallback NFT function is not the mirror contract. + error SenderNotMirror(); + + /// @dev Thrown when attempting to transfer tokens to the zero address. + error TransferToZeroAddress(); + + /// @dev Thrown when the mirror address provided for initialization is the zero address. + error MirrorAddressIsZero(); + + /// @dev Thrown when the link call to the mirror contract reverts. + error LinkMirrorContractFailed(); + + /// @dev Thrown when setting an NFT token approval + /// and the caller is not the owner or an approved operator. + error ApprovalCallerNotOwnerNorApproved(); + + /// @dev Thrown when transferring an NFT + /// and the caller is not the owner or an approved operator. + error TransferCallerNotOwnerNorApproved(); + + /// @dev Thrown when transferring an NFT and the from address is not the current owner. + error TransferFromIncorrectOwner(); + + /// @dev Thrown when checking the owner or approved address for a non-existent NFT. + error TokenDoesNotExist(); + + /// @dev The function selector is not recognized. + error FnSelectorNotRecognized(); + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* CONSTANTS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev The flag to denote that the address data is initialized. + uint8 internal constant _ADDRESS_DATA_INITIALIZED_FLAG = 1 << 0; + + /// @dev The flag to denote that the address should skip NFTs. + uint8 internal constant _ADDRESS_DATA_SKIP_NFT_FLAG = 1 << 1; + + /// @dev The flag to denote that the address has overridden the default Permit2 allowance. + uint8 internal constant _ADDRESS_DATA_OVERRIDE_PERMIT2_FLAG = 1 << 2; + + /// @dev The canonical Permit2 address. + /// For signature-based allowance granting for single transaction ERC20 `transferFrom`. + /// To enable, override `_givePermit2DefaultInfiniteAllowance()`. + /// [Github](https://github.com/Uniswap/permit2) + /// [Etherscan](https://etherscan.io/address/0x000000000022D473030F116dDEE9F6B43aC78BA3) + address internal constant _PERMIT2 = 0x000000000022D473030F116dDEE9F6B43aC78BA3; + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* STORAGE */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Struct containing an address's token data and settings. + struct AddressData { + // Auxiliary data. + uint88 aux; + // Flags for `initialized` and `skipNFT`. + uint8 flags; + // The alias for the address. Zero means absence of an alias. + uint32 addressAlias; + // The number of NFT tokens. + uint32 ownedLength; + // The token balance in wei. + uint96 balance; + } + + /// @dev A uint32 map in storage. + struct Uint32Map { + uint256 spacer; + } + + /// @dev A bitmap in storage. + struct Bitmap { + uint256 spacer; + } + + /// @dev A struct to wrap a uint256 in storage. + struct Uint256Ref { + uint256 value; + } + + /// @dev A mapping of an address pair to a Uint256Ref. + struct AddressPairToUint256RefMap { + uint256 spacer; + } + + /// @dev Struct containing the base token contract storage. + struct DN404Storage { + // Current number of address aliases assigned. + uint32 numAliases; + // Next NFT ID to assign for a mint. + uint32 nextTokenId; + // The head of the burned pool. + uint32 burnedPoolHead; + // The tail of the burned pool. + uint32 burnedPoolTail; + // Total number of NFTs in existence. + uint32 totalNFTSupply; + // Total supply of tokens. + uint96 totalSupply; + // Address of the NFT mirror contract. + address mirrorERC721; + // Mapping of a user alias number to their address. + mapping(uint32 => address) aliasToAddress; + // Mapping of user operator approvals for NFTs. + AddressPairToUint256RefMap operatorApprovals; + // Mapping of NFT approvals to approved operators. + mapping(uint256 => address) nftApprovals; + // Bitmap of whether an non-zero NFT approval may exist. + Bitmap mayHaveNFTApproval; + // Bitmap of whether a NFT ID exists. Ignored if `_useExistsLookup()` returns false. + Bitmap exists; + // Mapping of user allowances for ERC20 spenders. + AddressPairToUint256RefMap allowance; + // Mapping of NFT IDs owned by an address. + mapping(address => Uint32Map) owned; + // The pool of burned NFT IDs. + Uint32Map burnedPool; + // Even indices: owner aliases. Odd indices: owned indices. + Uint32Map oo; + // Mapping of user account AddressData. + mapping(address => AddressData) addressData; + } + + /// @dev Returns a storage pointer for DN404Storage. + function _getDN404Storage() internal pure virtual returns (DN404Storage storage $) { + /// @solidity memory-safe-assembly + assembly { + // `uint72(bytes9(keccak256("DN404_STORAGE")))`. + $.slot := 0xa20d6e21d0e5255308 // Truncate to 9 bytes to reduce bytecode size. + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* INITIALIZER */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Initializes the DN404 contract with an + /// `initialTokenSupply`, `initialTokenOwner` and `mirror` NFT contract address. + function _initializeDN404( + uint256 initialTokenSupply, + address initialSupplyOwner, + address mirror + ) internal virtual { + DN404Storage storage $ = _getDN404Storage(); + + if (_unit() == 0) revert UnitIsZero(); + if ($.mirrorERC721 != address(0)) revert DNAlreadyInitialized(); + if (mirror == address(0)) revert MirrorAddressIsZero(); + + /// @solidity memory-safe-assembly + assembly { + // Make the call to link the mirror contract. + mstore(0x00, 0x0f4599e5) // `linkMirrorContract(address)`. + mstore(0x20, caller()) + if iszero(and(eq(mload(0x00), 1), call(gas(), mirror, 0, 0x1c, 0x24, 0x00, 0x20))) { + mstore(0x00, 0xd125259c) // `LinkMirrorContractFailed()`. + revert(0x1c, 0x04) + } + } + + $.nextTokenId = 1; + $.mirrorERC721 = mirror; + + if (initialTokenSupply != 0) { + if (initialSupplyOwner == address(0)) revert TransferToZeroAddress(); + if (_totalSupplyOverflows(initialTokenSupply)) revert TotalSupplyOverflow(); + + $.totalSupply = uint96(initialTokenSupply); + AddressData storage initialOwnerAddressData = _addressData(initialSupplyOwner); + initialOwnerAddressData.balance = uint96(initialTokenSupply); + + /// @solidity memory-safe-assembly + assembly { + // Emit the {Transfer} event. + mstore(0x00, initialTokenSupply) + log3(0x00, 0x20, _TRANSFER_EVENT_SIGNATURE, 0, shr(96, shl(96, initialSupplyOwner))) + } + + _setSkipNFT(initialSupplyOwner, true); + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* BASE UNIT FUNCTION TO OVERRIDE */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Amount of token balance that is equal to one NFT. + function _unit() internal view virtual returns (uint256) { + return 10 ** 18; + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* METADATA FUNCTIONS TO OVERRIDE */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns the name of the token. + function name() public view virtual returns (string memory); + + /// @dev Returns the symbol of the token. + function symbol() public view virtual returns (string memory); + + /// @dev Returns the Uniform Resource Identifier (URI) for token `id`. + function tokenURI(uint256 id) public view virtual returns (string memory); + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* CONFIGURABLES */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns if direct NFT transfers should be used during ERC20 transfers + /// whenever possible, instead of burning and re-minting. + function _useDirectTransfersIfPossible() internal view virtual returns (bool) { + return true; + } + + /// @dev Returns if burns should be added to the burn pool. + /// This returns false by default, which means the NFT IDs are re-minted in a cycle. + function _addToBurnedPool(uint256 totalNFTSupplyAfterBurn, uint256 totalSupplyAfterBurn) + internal + view + virtual + returns (bool) + { + // Silence unused variable compiler warning. + totalSupplyAfterBurn = totalNFTSupplyAfterBurn; + return false; + } + + /// @dev Returns whether to use the exists bitmap for more efficient + /// scanning of an empty token ID slot. + /// Recommended for collections that do not use the burn pool, + /// and are expected to have nearly all possible NFTs materialized. + /// + /// Note: The returned value must be constant after initialization. + function _useExistsLookup() internal view virtual returns (bool) { + return true; + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* ERC20 OPERATIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns the decimals places of the token. Always 18. + function decimals() public pure returns (uint8) { + return 18; + } + + /// @dev Returns the amount of tokens in existence. + function totalSupply() public view virtual returns (uint256) { + return uint256(_getDN404Storage().totalSupply); + } + + /// @dev Returns the amount of tokens owned by `owner`. + function balanceOf(address owner) public view virtual returns (uint256) { + return _getDN404Storage().addressData[owner].balance; + } + + /// @dev Returns the amount of tokens that `spender` can spend on behalf of `owner`. + function allowance(address owner, address spender) public view returns (uint256) { + if (_givePermit2DefaultInfiniteAllowance() && spender == _PERMIT2) { + uint8 flags = _getDN404Storage().addressData[owner].flags; + if (flags & _ADDRESS_DATA_OVERRIDE_PERMIT2_FLAG == 0) return type(uint256).max; + } + return _ref(_getDN404Storage().allowance, owner, spender).value; + } + + /// @dev Sets `amount` as the allowance of `spender` over the caller's tokens. + /// + /// Emits a {Approval} event. + function approve(address spender, uint256 amount) public virtual returns (bool) { + _approve(msg.sender, spender, amount); + return true; + } + + /// @dev Transfer `amount` tokens from the caller to `to`. + /// + /// Will burn sender NFTs if balance after transfer is less than + /// the amount required to support the current NFT balance. + /// + /// Will mint NFTs to `to` if the recipient's new balance supports + /// additional NFTs ***AND*** the `to` address's skipNFT flag is + /// set to false. + /// + /// Requirements: + /// - `from` must at least have `amount`. + /// + /// Emits a {Transfer} event. + function transfer(address to, uint256 amount) public virtual returns (bool) { + _transfer(msg.sender, to, amount); + return true; + } + + /// @dev Transfers `amount` tokens from `from` to `to`. + /// + /// Note: Does not update the allowance if it is the maximum uint256 value. + /// + /// Will burn sender NFTs if balance after transfer is less than + /// the amount required to support the current NFT balance. + /// + /// Will mint NFTs to `to` if the recipient's new balance supports + /// additional NFTs ***AND*** the `to` address's skipNFT flag is + /// set to false. + /// + /// Requirements: + /// - `from` must at least have `amount`. + /// - The caller must have at least `amount` of allowance to transfer the tokens of `from`. + /// + /// Emits a {Transfer} event. + function transferFrom(address from, address to, uint256 amount) public virtual returns (bool) { + Uint256Ref storage a = _ref(_getDN404Storage().allowance, from, msg.sender); + + uint256 allowed = _givePermit2DefaultInfiniteAllowance() && msg.sender == _PERMIT2 + && (_getDN404Storage().addressData[from].flags & _ADDRESS_DATA_OVERRIDE_PERMIT2_FLAG) == 0 + ? type(uint256).max + : a.value; + + if (allowed != type(uint256).max) { + if (amount > allowed) revert InsufficientAllowance(); + unchecked { + a.value = allowed - amount; + } + } + _transfer(from, to, amount); + return true; + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* PERMIT2 */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Whether Permit2 has infinite allowances by default for all owners. + /// For signature-based allowance granting for single transaction ERC20 `transferFrom`. + /// To enable, override this function to return true. + function _givePermit2DefaultInfiniteAllowance() internal view virtual returns (bool) { + return false; + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* INTERNAL MINT FUNCTIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Mints `amount` tokens to `to`, increasing the total supply. + /// + /// Will mint NFTs to `to` if the recipient's new balance supports + /// additional NFTs ***AND*** the `to` address's skipNFT flag is set to false. + /// + /// Emits a {Transfer} event. + function _mint(address to, uint256 amount) internal virtual { + if (to == address(0)) revert TransferToZeroAddress(); + + AddressData storage toAddressData = _addressData(to); + DN404Storage storage $ = _getDN404Storage(); + if ($.mirrorERC721 == address(0)) revert(); + + _DNMintTemps memory t; + unchecked { + uint256 toBalance = uint256(toAddressData.balance) + amount; + toAddressData.balance = uint96(toBalance); + t.toEnd = toBalance / _unit(); + } + uint256 maxId; + unchecked { + uint256 totalSupply_ = uint256($.totalSupply) + amount; + $.totalSupply = uint96(totalSupply_); + uint256 overflows = _toUint(_totalSupplyOverflows(totalSupply_)); + if (overflows | _toUint(totalSupply_ < amount) != 0) revert TotalSupplyOverflow(); + maxId = totalSupply_ / _unit(); + } + unchecked { + if (toAddressData.flags & _ADDRESS_DATA_SKIP_NFT_FLAG == 0) { + Uint32Map storage toOwned = $.owned[to]; + Uint32Map storage oo = $.oo; + uint256 toIndex = toAddressData.ownedLength; + _DNPackedLogs memory packedLogs = _packedLogsMalloc(_zeroFloorSub(t.toEnd, toIndex)); + + if (packedLogs.logs.length != 0) { + _packedLogsSet(packedLogs, to, 0); + $.totalNFTSupply += uint32(packedLogs.logs.length); + toAddressData.ownedLength = uint32(t.toEnd); + t.toAlias = _registerAndResolveAlias(toAddressData, to); + uint32 burnedPoolHead = $.burnedPoolHead; + t.burnedPoolTail = $.burnedPoolTail; + t.nextTokenId = _wrapNFTId($.nextTokenId, maxId); + // Mint loop. + do { + uint256 id; + if (burnedPoolHead != t.burnedPoolTail) { + id = _get($.burnedPool, burnedPoolHead++); + } else { + id = t.nextTokenId; + while (_get(oo, _ownershipIndex(id)) != 0) { + id = _useExistsLookup() + ? _wrapNFTId(_findFirstUnset($.exists, id + 1, maxId + 1), maxId) + : _wrapNFTId(id + 1, maxId); + } + t.nextTokenId = _wrapNFTId(id + 1, maxId); + } + if (_useExistsLookup()) _set($.exists, id, true); + _set(toOwned, toIndex, uint32(id)); + _setOwnerAliasAndOwnedIndex(oo, id, t.toAlias, uint32(toIndex++)); + _packedLogsAppend(packedLogs, id); + } while (toIndex != t.toEnd); + + $.nextTokenId = uint32(t.nextTokenId); + $.burnedPoolHead = burnedPoolHead; + _packedLogsSend(packedLogs, $.mirrorERC721); + } + } + } + /// @solidity memory-safe-assembly + assembly { + // Emit the {Transfer} event. + mstore(0x00, amount) + log3(0x00, 0x20, _TRANSFER_EVENT_SIGNATURE, 0, shr(96, shl(96, to))) + } + } + + /// @dev Mints `amount` tokens to `to`, increasing the total supply. + /// This variant mints NFT tokens starting from ID `preTotalSupply / _unit() + 1`. + /// This variant will not touch the `burnedPool` and `nextTokenId`. + /// + /// Will mint NFTs to `to` if the recipient's new balance supports + /// additional NFTs ***AND*** the `to` address's skipNFT flag is set to false. + /// + /// Emits a {Transfer} event. + function _mintNext(address to, uint256 amount) internal virtual { + if (to == address(0)) revert TransferToZeroAddress(); + + AddressData storage toAddressData = _addressData(to); + DN404Storage storage $ = _getDN404Storage(); + if ($.mirrorERC721 == address(0)) revert(); + + _DNMintTemps memory t; + unchecked { + uint256 toBalance = uint256(toAddressData.balance) + amount; + toAddressData.balance = uint96(toBalance); + t.toEnd = toBalance / _unit(); + } + uint256 startId; + uint256 maxId; + unchecked { + uint256 preTotalSupply = uint256($.totalSupply); + startId = preTotalSupply / _unit() + 1; + uint256 totalSupply_ = uint256(preTotalSupply) + amount; + $.totalSupply = uint96(totalSupply_); + uint256 overflows = _toUint(_totalSupplyOverflows(totalSupply_)); + if (overflows | _toUint(totalSupply_ < amount) != 0) revert TotalSupplyOverflow(); + maxId = totalSupply_ / _unit(); + } + unchecked { + if (toAddressData.flags & _ADDRESS_DATA_SKIP_NFT_FLAG == 0) { + Uint32Map storage toOwned = $.owned[to]; + Uint32Map storage oo = $.oo; + uint256 toIndex = toAddressData.ownedLength; + _DNPackedLogs memory packedLogs = _packedLogsMalloc(_zeroFloorSub(t.toEnd, toIndex)); + + if (packedLogs.logs.length != 0) { + _packedLogsSet(packedLogs, to, 0); + $.totalNFTSupply += uint32(packedLogs.logs.length); + toAddressData.ownedLength = uint32(t.toEnd); + t.toAlias = _registerAndResolveAlias(toAddressData, to); + // Mint loop. + do { + uint256 id = startId; + while (_get(oo, _ownershipIndex(id)) != 0) { + id = _useExistsLookup() + ? _wrapNFTId(_findFirstUnset($.exists, id + 1, maxId + 1), maxId) + : _wrapNFTId(id + 1, maxId); + } + startId = _wrapNFTId(id + 1, maxId); + if (_useExistsLookup()) _set($.exists, id, true); + _set(toOwned, toIndex, uint32(id)); + _setOwnerAliasAndOwnedIndex(oo, id, t.toAlias, uint32(toIndex++)); + _packedLogsAppend(packedLogs, id); + } while (toIndex != t.toEnd); + + _packedLogsSend(packedLogs, $.mirrorERC721); + } + } + } + /// @solidity memory-safe-assembly + assembly { + // Emit the {Transfer} event. + mstore(0x00, amount) + log3(0x00, 0x20, _TRANSFER_EVENT_SIGNATURE, 0, shr(96, shl(96, to))) + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* INTERNAL BURN FUNCTIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Burns `amount` tokens from `from`, reducing the total supply. + /// + /// Will burn sender NFTs if balance after transfer is less than + /// the amount required to support the current NFT balance. + /// + /// Emits a {Transfer} event. + function _burn(address from, uint256 amount) internal virtual { + AddressData storage fromAddressData = _addressData(from); + DN404Storage storage $ = _getDN404Storage(); + if ($.mirrorERC721 == address(0)) revert(); + + uint256 fromBalance = fromAddressData.balance; + if (amount > fromBalance) revert InsufficientBalance(); + + unchecked { + fromAddressData.balance = uint96(fromBalance -= amount); + uint256 totalSupply_ = uint256($.totalSupply) - amount; + $.totalSupply = uint96(totalSupply_); + + Uint32Map storage fromOwned = $.owned[from]; + uint256 fromIndex = fromAddressData.ownedLength; + uint256 numNFTBurns = _zeroFloorSub(fromIndex, fromBalance / _unit()); + + if (numNFTBurns != 0) { + _DNPackedLogs memory packedLogs = _packedLogsMalloc(numNFTBurns); + _packedLogsSet(packedLogs, from, 1); + uint256 totalNFTSupply = uint256($.totalNFTSupply) - numNFTBurns; + $.totalNFTSupply = uint32(totalNFTSupply); + bool addToBurnedPool = _addToBurnedPool(totalNFTSupply, totalSupply_); + + Uint32Map storage oo = $.oo; + uint256 fromEnd = fromIndex - numNFTBurns; + fromAddressData.ownedLength = uint32(fromEnd); + uint32 burnedPoolTail = $.burnedPoolTail; + // Burn loop. + do { + uint256 id = _get(fromOwned, --fromIndex); + _setOwnerAliasAndOwnedIndex(oo, id, 0, 0); + _packedLogsAppend(packedLogs, id); + if (_useExistsLookup()) _set($.exists, id, false); + if (addToBurnedPool) _set($.burnedPool, burnedPoolTail++, uint32(id)); + if (_get($.mayHaveNFTApproval, id)) { + _set($.mayHaveNFTApproval, id, false); + delete $.nftApprovals[id]; + } + } while (fromIndex != fromEnd); + + if (addToBurnedPool) $.burnedPoolTail = burnedPoolTail; + _packedLogsSend(packedLogs, $.mirrorERC721); + } + } + /// @solidity memory-safe-assembly + assembly { + // Emit the {Transfer} event. + mstore(0x00, amount) + log3(0x00, 0x20, _TRANSFER_EVENT_SIGNATURE, shr(96, shl(96, from)), 0) + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* INTERNAL TRANSFER FUNCTIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Moves `amount` of tokens from `from` to `to`. + /// + /// Will burn sender NFTs if balance after transfer is less than + /// the amount required to support the current NFT balance. + /// + /// Will mint NFTs to `to` if the recipient's new balance supports + /// additional NFTs ***AND*** the `to` address's skipNFT flag is + /// set to false. + /// + /// Emits a {Transfer} event. + function _transfer(address from, address to, uint256 amount) internal virtual { + if (to == address(0)) revert TransferToZeroAddress(); + + AddressData storage fromAddressData = _addressData(from); + AddressData storage toAddressData = _addressData(to); + DN404Storage storage $ = _getDN404Storage(); + if ($.mirrorERC721 == address(0)) revert(); + + _DNTransferTemps memory t; + t.fromOwnedLength = fromAddressData.ownedLength; + t.toOwnedLength = toAddressData.ownedLength; + t.totalSupply = $.totalSupply; + + if (amount > (t.fromBalance = fromAddressData.balance)) revert InsufficientBalance(); + + unchecked { + fromAddressData.balance = uint96(t.fromBalance -= amount); + toAddressData.balance = uint96(t.toBalance = uint256(toAddressData.balance) + amount); + + t.numNFTBurns = _zeroFloorSub(t.fromOwnedLength, t.fromBalance / _unit()); + + if (toAddressData.flags & _ADDRESS_DATA_SKIP_NFT_FLAG == 0) { + if (from == to) t.toOwnedLength = t.fromOwnedLength - t.numNFTBurns; + t.numNFTMints = _zeroFloorSub(t.toBalance / _unit(), t.toOwnedLength); + } + + if (_useDirectTransfersIfPossible()) { + uint256 n = _min(t.fromOwnedLength, _min(t.numNFTBurns, t.numNFTMints)); + if (n != 0) { + t.numNFTBurns -= n; + t.numNFTMints -= n; + if (from == to) { + t.toOwnedLength += n; + } else { + _DNDirectLogs memory directLogs = _directLogsMalloc(n, from, to); + Uint32Map storage fromOwned = $.owned[from]; + Uint32Map storage toOwned = $.owned[to]; + t.toAlias = _registerAndResolveAlias(toAddressData, to); + uint256 toIndex = t.toOwnedLength; + // Direct transfer loop. + do { + uint256 id = _get(fromOwned, --t.fromOwnedLength); + _set(toOwned, toIndex, uint32(id)); + _setOwnerAliasAndOwnedIndex($.oo, id, t.toAlias, uint32(toIndex++)); + _directLogsAppend(directLogs, id); + if (_get($.mayHaveNFTApproval, id)) { + _set($.mayHaveNFTApproval, id, false); + delete $.nftApprovals[id]; + } + } while (--n != 0); + + toAddressData.ownedLength = uint32(t.toOwnedLength = toIndex); + fromAddressData.ownedLength = uint32(t.fromOwnedLength); + _directLogsSend(directLogs, $.mirrorERC721); + } + } + } + + t.totalNFTSupply = uint256($.totalNFTSupply) + t.numNFTMints - t.numNFTBurns; + $.totalNFTSupply = uint32(t.totalNFTSupply); + + Uint32Map storage oo = $.oo; + _DNPackedLogs memory packedLogs = _packedLogsMalloc(t.numNFTBurns + t.numNFTMints); + + t.burnedPoolTail = $.burnedPoolTail; + if (t.numNFTBurns != 0) { + _packedLogsSet(packedLogs, from, 1); + bool addToBurnedPool = _addToBurnedPool(t.totalNFTSupply, t.totalSupply); + Uint32Map storage fromOwned = $.owned[from]; + uint256 fromIndex = t.fromOwnedLength; + fromAddressData.ownedLength = uint32(t.fromEnd = fromIndex - t.numNFTBurns); + uint32 burnedPoolTail = t.burnedPoolTail; + // Burn loop. + do { + uint256 id = _get(fromOwned, --fromIndex); + _setOwnerAliasAndOwnedIndex(oo, id, 0, 0); + _packedLogsAppend(packedLogs, id); + if (_useExistsLookup()) _set($.exists, id, false); + if (addToBurnedPool) _set($.burnedPool, burnedPoolTail++, uint32(id)); + if (_get($.mayHaveNFTApproval, id)) { + _set($.mayHaveNFTApproval, id, false); + delete $.nftApprovals[id]; + } + } while (fromIndex != t.fromEnd); + + if (addToBurnedPool) $.burnedPoolTail = (t.burnedPoolTail = burnedPoolTail); + } + + if (t.numNFTMints != 0) { + _packedLogsSet(packedLogs, to, 0); + Uint32Map storage toOwned = $.owned[to]; + t.toAlias = _registerAndResolveAlias(toAddressData, to); + uint256 maxId = t.totalSupply / _unit(); + t.nextTokenId = _wrapNFTId($.nextTokenId, maxId); + uint256 toIndex = t.toOwnedLength; + toAddressData.ownedLength = uint32(t.toEnd = toIndex + t.numNFTMints); + uint32 burnedPoolHead = $.burnedPoolHead; + // Mint loop. + do { + uint256 id; + if (burnedPoolHead != t.burnedPoolTail) { + id = _get($.burnedPool, burnedPoolHead++); + } else { + id = t.nextTokenId; + while (_get(oo, _ownershipIndex(id)) != 0) { + id = _useExistsLookup() + ? _wrapNFTId(_findFirstUnset($.exists, id + 1, maxId + 1), maxId) + : _wrapNFTId(id + 1, maxId); + } + t.nextTokenId = _wrapNFTId(id + 1, maxId); + } + if (_useExistsLookup()) _set($.exists, id, true); + _set(toOwned, toIndex, uint32(id)); + _setOwnerAliasAndOwnedIndex(oo, id, t.toAlias, uint32(toIndex++)); + _packedLogsAppend(packedLogs, id); + } while (toIndex != t.toEnd); + + $.burnedPoolHead = burnedPoolHead; + $.nextTokenId = uint32(t.nextTokenId); + } + + if (packedLogs.logs.length != 0) _packedLogsSend(packedLogs, $.mirrorERC721); + } + /// @solidity memory-safe-assembly + assembly { + // Emit the {Transfer} event. + mstore(0x00, amount) + // forgefmt: disable-next-item + log3(0x00, 0x20, _TRANSFER_EVENT_SIGNATURE, shr(96, shl(96, from)), shr(96, shl(96, to))) + } + } + + /// @dev Transfers token `id` from `from` to `to`. + /// + /// Requirements: + /// + /// - Call must originate from the mirror contract. + /// - Token `id` must exist. + /// - `from` must be the owner of the token. + /// - `to` cannot be the zero address. + /// `msgSender` must be the owner of the token, or be approved to manage the token. + /// + /// Emits a {Transfer} event. + function _transferFromNFT(address from, address to, uint256 id, address msgSender) + internal + virtual + { + if (to == address(0)) revert TransferToZeroAddress(); + + DN404Storage storage $ = _getDN404Storage(); + if ($.mirrorERC721 == address(0)) revert(); + + Uint32Map storage oo = $.oo; + + if (from != $.aliasToAddress[_get(oo, _ownershipIndex(_restrictNFTId(id)))]) { + revert TransferFromIncorrectOwner(); + } + + if (msgSender != from) { + if (_ref($.operatorApprovals, from, msgSender).value == 0) { + if (msgSender != $.nftApprovals[id]) { + revert TransferCallerNotOwnerNorApproved(); + } + } + } + + AddressData storage fromAddressData = _addressData(from); + AddressData storage toAddressData = _addressData(to); + + uint256 unit = _unit(); + mapping(address => Uint32Map) storage owned = $.owned; + Uint32Map storage fromOwned = owned[from]; + + unchecked { + uint256 fromBalance = fromAddressData.balance; + if (unit > fromBalance) revert InsufficientBalance(); + fromAddressData.balance = uint96(fromBalance - unit); + toAddressData.balance += uint96(unit); + } + if (_get($.mayHaveNFTApproval, id)) { + _set($.mayHaveNFTApproval, id, false); + delete $.nftApprovals[id]; + } + unchecked { + uint32 updatedId = _get(fromOwned, --fromAddressData.ownedLength); + uint32 i = _get(oo, _ownedIndex(id)); + _set(fromOwned, i, updatedId); + _set(oo, _ownedIndex(updatedId), i); + } + unchecked { + uint32 n = toAddressData.ownedLength++; + _set(owned[to], n, uint32(id)); + _setOwnerAliasAndOwnedIndex(oo, id, _registerAndResolveAlias(toAddressData, to), n); + } + /// @solidity memory-safe-assembly + assembly { + // Emit the {Transfer} event. + mstore(0x00, unit) + // forgefmt: disable-next-item + log3(0x00, 0x20, _TRANSFER_EVENT_SIGNATURE, shr(96, shl(96, from)), shr(96, shl(96, to))) + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* INTERNAL APPROVE FUNCTIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Sets `amount` as the allowance of `spender` over the tokens of `owner`. + /// + /// Emits a {Approval} event. + function _approve(address owner, address spender, uint256 amount) internal virtual { + if (_givePermit2DefaultInfiniteAllowance() && spender == _PERMIT2) { + _getDN404Storage().addressData[owner].flags |= _ADDRESS_DATA_OVERRIDE_PERMIT2_FLAG; + } + _ref(_getDN404Storage().allowance, owner, spender).value = amount; + /// @solidity memory-safe-assembly + assembly { + // Emit the {Approval} event. + mstore(0x00, amount) + // forgefmt: disable-next-item + log3(0x00, 0x20, _APPROVAL_EVENT_SIGNATURE, shr(96, shl(96, owner)), shr(96, shl(96, spender))) + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* DATA HITCHHIKING FUNCTIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns the auxiliary data for `owner`. + /// Minting, transferring, burning the tokens of `owner` will not change the auxiliary data. + /// Auxiliary data can be set for any address, even if it does not have any tokens. + function _getAux(address owner) internal view virtual returns (uint88) { + return _getDN404Storage().addressData[owner].aux; + } + + /// @dev Set the auxiliary data for `owner` to `value`. + /// Minting, transferring, burning the tokens of `owner` will not change the auxiliary data. + /// Auxiliary data can be set for any address, even if it does not have any tokens. + function _setAux(address owner, uint88 value) internal virtual { + _getDN404Storage().addressData[owner].aux = value; + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* SKIP NFT FUNCTIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns true if minting and transferring ERC20s to `owner` will skip minting NFTs. + /// Returns false otherwise. + function getSkipNFT(address owner) public view virtual returns (bool) { + AddressData storage d = _getDN404Storage().addressData[owner]; + if (d.flags & _ADDRESS_DATA_INITIALIZED_FLAG == 0) return _hasCode(owner); + return d.flags & _ADDRESS_DATA_SKIP_NFT_FLAG != 0; + } + + /// @dev Sets the caller's skipNFT flag to `skipNFT`. Returns true. + /// + /// Emits a {SkipNFTSet} event. + function setSkipNFT(bool skipNFT) public virtual returns (bool) { + _setSkipNFT(msg.sender, skipNFT); + return true; + } + + /// @dev Internal function to set account `owner` skipNFT flag to `state` + /// + /// Initializes account `owner` AddressData if it is not currently initialized. + /// + /// Emits a {SkipNFTSet} event. + function _setSkipNFT(address owner, bool state) internal virtual { + AddressData storage d = _addressData(owner); + if ((d.flags & _ADDRESS_DATA_SKIP_NFT_FLAG != 0) != state) { + d.flags ^= _ADDRESS_DATA_SKIP_NFT_FLAG; + } + /// @solidity memory-safe-assembly + assembly { + mstore(0x00, iszero(iszero(state))) + log2(0x00, 0x20, _SKIP_NFT_SET_EVENT_SIGNATURE, shr(96, shl(96, owner))) + } + } + + /// @dev Returns a storage data pointer for account `owner` AddressData + /// + /// Initializes account `owner` AddressData if it is not currently initialized. + function _addressData(address owner) internal virtual returns (AddressData storage d) { + d = _getDN404Storage().addressData[owner]; + unchecked { + if (d.flags & _ADDRESS_DATA_INITIALIZED_FLAG == 0) { + uint256 skipNFT = _toUint(_hasCode(owner)) * _ADDRESS_DATA_SKIP_NFT_FLAG; + d.flags = uint8(skipNFT | _ADDRESS_DATA_INITIALIZED_FLAG); + } + } + } + + /// @dev Returns the `addressAlias` of account `to`. + /// + /// Assigns and registers the next alias if `to` alias was not previously registered. + function _registerAndResolveAlias(AddressData storage toAddressData, address to) + internal + virtual + returns (uint32 addressAlias) + { + DN404Storage storage $ = _getDN404Storage(); + addressAlias = toAddressData.addressAlias; + if (addressAlias == 0) { + unchecked { + addressAlias = ++$.numAliases; + } + toAddressData.addressAlias = addressAlias; + $.aliasToAddress[addressAlias] = to; + if (addressAlias == 0) revert(); // Overflow. + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* MIRROR OPERATIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns the address of the mirror NFT contract. + function mirrorERC721() public view virtual returns (address) { + return _getDN404Storage().mirrorERC721; + } + + /// @dev Returns the total NFT supply. + function _totalNFTSupply() internal view virtual returns (uint256) { + return _getDN404Storage().totalNFTSupply; + } + + /// @dev Returns `owner` NFT balance. + function _balanceOfNFT(address owner) internal view virtual returns (uint256) { + return _getDN404Storage().addressData[owner].ownedLength; + } + + /// @dev Returns the owner of token `id`. + /// Returns the zero address instead of reverting if the token does not exist. + function _ownerAt(uint256 id) internal view virtual returns (address) { + DN404Storage storage $ = _getDN404Storage(); + return $.aliasToAddress[_get($.oo, _ownershipIndex(_restrictNFTId(id)))]; + } + + /// @dev Returns the owner of token `id`. + /// + /// Requirements: + /// - Token `id` must exist. + function _ownerOf(uint256 id) internal view virtual returns (address) { + if (!_exists(id)) revert TokenDoesNotExist(); + return _ownerAt(id); + } + + /// @dev Returns if token `id` exists. + function _exists(uint256 id) internal view virtual returns (bool) { + return _ownerAt(id) != address(0); + } + + /// @dev Returns the account approved to manage token `id`. + /// + /// Requirements: + /// - Token `id` must exist. + function _getApproved(uint256 id) internal view virtual returns (address) { + if (!_exists(id)) revert TokenDoesNotExist(); + return _getDN404Storage().nftApprovals[id]; + } + + /// @dev Sets `spender` as the approved account to manage token `id`, using `msgSender`. + /// + /// Requirements: + /// - `msgSender` must be the owner or an approved operator for the token owner. + function _approveNFT(address spender, uint256 id, address msgSender) + internal + virtual + returns (address owner) + { + DN404Storage storage $ = _getDN404Storage(); + + owner = $.aliasToAddress[_get($.oo, _ownershipIndex(_restrictNFTId(id)))]; + + if (msgSender != owner) { + if (_ref($.operatorApprovals, owner, msgSender).value == 0) { + revert ApprovalCallerNotOwnerNorApproved(); + } + } + + $.nftApprovals[id] = spender; + _set($.mayHaveNFTApproval, id, spender != address(0)); + } + + /// @dev Approve or remove the `operator` as an operator for `msgSender`, + /// without authorization checks. + function _setApprovalForAll(address operator, bool approved, address msgSender) + internal + virtual + { + _ref(_getDN404Storage().operatorApprovals, msgSender, operator).value = _toUint(approved); + } + + /// @dev Returns the NFT IDs of `owner` in range `[begin, end)`. + /// Optimized for smaller bytecode size, as this function is intended for off-chain calling. + function _ownedIds(address owner, uint256 begin, uint256 end) + internal + view + virtual + returns (uint256[] memory ids) + { + DN404Storage storage $ = _getDN404Storage(); + Uint32Map storage owned = $.owned[owner]; + uint256 n = _min($.addressData[owner].ownedLength, end); + /// @solidity memory-safe-assembly + assembly { + ids := mload(0x40) + let i := begin + for {} lt(i, n) { i := add(i, 1) } { + let s := add(shl(96, owned.slot), shr(3, i)) // Storage slot. + let id := and(0xffffffff, shr(shl(5, and(i, 7)), sload(s))) + mstore(add(add(ids, 0x20), shl(5, sub(i, begin))), id) // Append to. + } + mstore(ids, sub(i, begin)) // Store the length. + mstore(0x40, add(add(ids, 0x20), shl(5, sub(i, begin)))) // Allocate memory. + } + } + + /// @dev Fallback modifier to dispatch calls from the mirror NFT contract + /// to internal functions in this contract. + modifier dn404Fallback() virtual { + DN404Storage storage $ = _getDN404Storage(); + + uint256 fnSelector = _calldataload(0x00) >> 224; + address mirror = $.mirrorERC721; + + // `transferFromNFT(address,address,uint256,address)`. + if (fnSelector == 0xe5eb36c8) { + if (msg.sender != mirror) revert SenderNotMirror(); + _transferFromNFT( + address(uint160(_calldataload(0x04))), // `from`. + address(uint160(_calldataload(0x24))), // `to`. + _calldataload(0x44), // `id`. + address(uint160(_calldataload(0x64))) // `msgSender`. + ); + _return(1); + } + // `setApprovalForAll(address,bool,address)`. + if (fnSelector == 0x813500fc) { + if (msg.sender != mirror) revert SenderNotMirror(); + _setApprovalForAll( + address(uint160(_calldataload(0x04))), // `spender`. + _calldataload(0x24) != 0, // `status`. + address(uint160(_calldataload(0x44))) // `msgSender`. + ); + _return(1); + } + // `isApprovedForAll(address,address)`. + if (fnSelector == 0xe985e9c5) { + if (msg.sender != mirror) revert SenderNotMirror(); + Uint256Ref storage ref = _ref( + $.operatorApprovals, + address(uint160(_calldataload(0x04))), // `owner`. + address(uint160(_calldataload(0x24))) // `operator`. + ); + _return(ref.value); + } + // `ownerOf(uint256)`. + if (fnSelector == 0x6352211e) { + if (msg.sender != mirror) revert SenderNotMirror(); + _return(uint160(_ownerOf(_calldataload(0x04)))); + } + // `ownerAt(uint256)`. + if (fnSelector == 0x24359879) { + if (msg.sender != mirror) revert SenderNotMirror(); + _return(uint160(_ownerAt(_calldataload(0x04)))); + } + // `approveNFT(address,uint256,address)`. + if (fnSelector == 0xd10b6e0c) { + if (msg.sender != mirror) revert SenderNotMirror(); + address owner = _approveNFT( + address(uint160(_calldataload(0x04))), // `spender`. + _calldataload(0x24), // `id`. + address(uint160(_calldataload(0x44))) // `msgSender`. + ); + _return(uint160(owner)); + } + // `getApproved(uint256)`. + if (fnSelector == 0x081812fc) { + if (msg.sender != mirror) revert SenderNotMirror(); + _return(uint160(_getApproved(_calldataload(0x04)))); + } + // `balanceOfNFT(address)`. + if (fnSelector == 0xf5b100ea) { + if (msg.sender != mirror) revert SenderNotMirror(); + _return(_balanceOfNFT(address(uint160(_calldataload(0x04))))); + } + // `totalNFTSupply()`. + if (fnSelector == 0xe2c79281) { + if (msg.sender != mirror) revert SenderNotMirror(); + _return(_totalNFTSupply()); + } + // `implementsDN404()`. + if (fnSelector == 0xb7a94eb8) { + _return(1); + } + _; + } + + /// @dev Fallback function for calls from mirror NFT contract. + /// Override this if you need to implement your custom + /// fallback with utilities like Solady's `LibZip.cdFallback()`. + /// And always remember to always wrap the fallback with `dn404Fallback`. + fallback() external payable virtual dn404Fallback { + revert FnSelectorNotRecognized(); // Not mandatory. Just for quality of life. + } + + /// @dev This is to silence the compiler warning. + /// Override and remove the revert if you want your contract to receive ETH via receive. + receive() external payable virtual { + if (msg.value != 0) revert(); + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* INTERNAL / PRIVATE HELPERS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns `(i - 1) << 1`. + function _ownershipIndex(uint256 i) internal pure returns (uint256) { + unchecked { + return (i - 1) << 1; // Minus 1 as token IDs start from 1. + } + } + + /// @dev Returns `((i - 1) << 1) + 1`. + function _ownedIndex(uint256 i) internal pure returns (uint256) { + unchecked { + return ((i - 1) << 1) + 1; // Minus 1 as token IDs start from 1. + } + } + + /// @dev Returns the uint32 value at `index` in `map`. + function _get(Uint32Map storage map, uint256 index) internal view returns (uint32 result) { + /// @solidity memory-safe-assembly + assembly { + let s := add(shl(96, map.slot), shr(3, index)) // Storage slot. + result := and(0xffffffff, shr(shl(5, and(index, 7)), sload(s))) + } + } + + /// @dev Updates the uint32 value at `index` in `map`. + function _set(Uint32Map storage map, uint256 index, uint32 value) internal { + /// @solidity memory-safe-assembly + assembly { + let s := add(shl(96, map.slot), shr(3, index)) // Storage slot. + let o := shl(5, and(index, 7)) // Storage slot offset (bits). + let v := sload(s) // Storage slot value. + sstore(s, xor(v, shl(o, and(0xffffffff, xor(value, shr(o, v)))))) + } + } + + /// @dev Sets the owner alias and the owned index together. + function _setOwnerAliasAndOwnedIndex( + Uint32Map storage map, + uint256 id, + uint32 ownership, + uint32 ownedIndex + ) internal { + /// @solidity memory-safe-assembly + assembly { + let i := sub(id, 1) // Index of the uint64 combined value. + let s := add(shl(96, map.slot), shr(2, i)) // Storage slot. + let v := sload(s) // Storage slot value. + let o := shl(6, and(i, 3)) // Storage slot offset (bits). + let combined := or(shl(32, ownedIndex), and(0xffffffff, ownership)) + sstore(s, xor(v, shl(o, and(0xffffffffffffffff, xor(shr(o, v), combined))))) + } + } + + /// @dev Returns the boolean value of the bit at `index` in `bitmap`. + function _get(Bitmap storage bitmap, uint256 index) internal view returns (bool result) { + /// @solidity memory-safe-assembly + assembly { + let s := add(shl(96, bitmap.slot), shr(8, index)) // Storage slot. + result := and(1, shr(and(0xff, index), sload(s))) + } + } + + /// @dev Updates the bit at `index` in `bitmap` to `value`. + function _set(Bitmap storage bitmap, uint256 index, bool value) internal { + /// @solidity memory-safe-assembly + assembly { + let s := add(shl(96, bitmap.slot), shr(8, index)) // Storage slot. + let o := and(0xff, index) // Storage slot offset (bits). + sstore(s, or(and(sload(s), not(shl(o, 1))), shl(o, iszero(iszero(value))))) + } + } + + /// @dev Returns the index of the least significant unset bit in `[begin, end)`. + /// If no unset bit is found, returns `type(uint256).max`. + function _findFirstUnset(Bitmap storage bitmap, uint256 begin, uint256 end) + internal + view + returns (uint256 unsetBitIndex) + { + /// @solidity memory-safe-assembly + assembly { + unsetBitIndex := not(0) // Initialize to `type(uint256).max`. + let s := shl(96, bitmap.slot) // Storage offset of the bitmap. + let bucket := add(s, shr(8, begin)) + let negBits := shl(and(0xff, begin), shr(and(0xff, begin), not(sload(bucket)))) + if iszero(negBits) { + let lastBucket := add(s, shr(8, end)) + for {} 1 {} { + bucket := add(bucket, 1) + negBits := not(sload(bucket)) + if or(negBits, gt(bucket, lastBucket)) { break } + } + if gt(bucket, lastBucket) { + negBits := shr(and(0xff, not(end)), shl(and(0xff, not(end)), negBits)) + } + } + if negBits { + // Find-first-set routine. + let b := and(negBits, add(not(negBits), 1)) // Isolate the least significant bit. + let r := shl(7, lt(0xffffffffffffffffffffffffffffffff, b)) + r := or(r, shl(6, lt(0xffffffffffffffff, shr(r, b)))) + r := or(r, shl(5, lt(0xffffffff, shr(r, b)))) + // For the remaining 32 bits, use a De Bruijn lookup. + // forgefmt: disable-next-item + r := or(r, byte(and(div(0xd76453e0, shr(r, b)), 0x1f), + 0x001f0d1e100c1d070f090b19131c1706010e11080a1a141802121b1503160405)) + r := or(shl(8, sub(bucket, s)), r) + unsetBitIndex := or(r, sub(0, or(iszero(lt(r, end)), lt(r, begin)))) + } + } + } + + /// @dev Returns a storage reference to the value at (`a0`, `a1`) in `map`. + function _ref(AddressPairToUint256RefMap storage map, address a0, address a1) + internal + pure + returns (Uint256Ref storage ref) + { + /// @solidity memory-safe-assembly + assembly { + mstore(0x28, a1) + mstore(0x14, a0) + mstore(0x00, map.slot) + ref.slot := keccak256(0x00, 0x48) + // Clear the part of the free memory pointer that was overwritten. + mstore(0x28, 0x00) + } + } + + /// @dev Wraps the NFT ID. + function _wrapNFTId(uint256 id, uint256 maxId) internal pure returns (uint256 result) { + /// @solidity memory-safe-assembly + assembly { + result := or(mul(iszero(gt(id, maxId)), id), gt(id, maxId)) + } + } + + /// @dev Returns `id > type(uint32).max ? 0 : id`. + function _restrictNFTId(uint256 id) internal pure returns (uint256 result) { + /// @solidity memory-safe-assembly + assembly { + result := mul(id, lt(id, 0x100000000)) + } + } + + /// @dev Returns whether `amount` is a valid `totalSupply`. + function _totalSupplyOverflows(uint256 amount) internal view returns (bool result) { + uint256 unit = _unit(); + /// @solidity memory-safe-assembly + assembly { + result := iszero(iszero(or(shr(96, amount), lt(0xfffffffe, div(amount, unit))))) + } + } + + /// @dev Returns `max(0, x - y)`. + function _zeroFloorSub(uint256 x, uint256 y) internal pure returns (uint256 z) { + /// @solidity memory-safe-assembly + assembly { + z := mul(gt(x, y), sub(x, y)) + } + } + + /// @dev Returns `x < y ? x : y`. + function _min(uint256 x, uint256 y) internal pure returns (uint256 z) { + /// @solidity memory-safe-assembly + assembly { + z := xor(x, mul(xor(x, y), lt(y, x))) + } + } + + /// @dev Returns `b ? 1 : 0`. + function _toUint(bool b) internal pure returns (uint256 result) { + /// @solidity memory-safe-assembly + assembly { + result := iszero(iszero(b)) + } + } + + /// @dev Struct containing direct transfer log data for {Transfer} events to be + /// emitted by the mirror NFT contract. + struct _DNDirectLogs { + uint256 offset; + address from; + address to; + uint256[] logs; + } + + /// @dev Initiates memory allocation for direct logs with `n` log items. + function _directLogsMalloc(uint256 n, address from, address to) + private + pure + returns (_DNDirectLogs memory p) + { + /// @solidity memory-safe-assembly + assembly { + // Note that `p` implicitly allocates and advances the free memory pointer by + // 4 words, which we can safely mutate in `_directLogsSend`. + let logs := mload(0x40) + mstore(logs, n) // Store the length. + let offset := add(0x20, logs) // Skip the word for `p.logs.length`. + mstore(0x40, add(offset, shl(5, n))) // Allocate memory. + mstore(add(0x60, p), logs) // Set `p.logs`. + mstore(add(0x40, p), to) // Set `p.to`. + mstore(add(0x20, p), from) // Set `p.from`. + mstore(p, offset) // Set `p.offset`. + } + } + + /// @dev Adds a direct log item to `p` with token `id`. + function _directLogsAppend(_DNDirectLogs memory p, uint256 id) private pure { + /// @solidity memory-safe-assembly + assembly { + let offset := mload(p) + mstore(offset, id) + mstore(p, add(offset, 0x20)) + } + } + + /// @dev Calls the `mirror` NFT contract to emit {Transfer} events for packed logs `p`. + function _directLogsSend(_DNDirectLogs memory p, address mirror) private { + /// @solidity memory-safe-assembly + assembly { + let logs := mload(add(p, 0x60)) + let n := add(0x84, shl(5, mload(logs))) // Length of calldata to send. + let o := sub(logs, 0x80) // Start of calldata to send. + mstore(o, 0x144027d3) // `logDirectTransfer(address,address,uint256[])`. + let from := mload(add(0x20, p)) + let to := mload(add(0x40, p)) + mstore(add(o, 0x20), from) + mstore(add(o, 0x40), to) + mstore(add(o, 0x60), 0x60) // Offset of `logs` in the calldata to send. + if iszero(and(eq(mload(o), 1), call(gas(), mirror, 0, add(o, 0x1c), n, o, 0x20))) { + revert(o, 0x00) + } + } + } + + /// @dev Struct containing packed log data for {Transfer} events to be + /// emitted by the mirror NFT contract. + struct _DNPackedLogs { + uint256 offset; + uint256 addressAndBit; + uint256[] logs; + } + + /// @dev Initiates memory allocation for packed logs with `n` log items. + function _packedLogsMalloc(uint256 n) private pure returns (_DNPackedLogs memory p) { + /// @solidity memory-safe-assembly + assembly { + // Note that `p` implicitly allocates and advances the free memory pointer by + // 3 words, which we can safely mutate in `_packedLogsSend`. + let logs := mload(0x40) + mstore(logs, n) // Store the length. + let offset := add(0x20, logs) // Skip the word for `p.logs.length`. + mstore(0x40, add(offset, shl(5, n))) // Allocate memory. + mstore(add(0x40, p), logs) // Set `p.logs`. + mstore(p, offset) // Set `p.offset`. + } + } + + /// @dev Set the current address and the burn bit. + function _packedLogsSet(_DNPackedLogs memory p, address a, uint256 burnBit) private pure { + /// @solidity memory-safe-assembly + assembly { + mstore(add(p, 0x20), or(shl(96, a), burnBit)) // Set `p.addressAndBit`. + } + } + + /// @dev Adds a packed log item to `p` with token `id`. + function _packedLogsAppend(_DNPackedLogs memory p, uint256 id) private pure { + /// @solidity memory-safe-assembly + assembly { + let offset := mload(p) + mstore(offset, or(mload(add(p, 0x20)), shl(8, id))) // `p.addressAndBit | (id << 8)`. + mstore(p, add(offset, 0x20)) + } + } + + /// @dev Calls the `mirror` NFT contract to emit {Transfer} events for packed logs `p`. + function _packedLogsSend(_DNPackedLogs memory p, address mirror) private { + /// @solidity memory-safe-assembly + assembly { + let logs := mload(add(p, 0x40)) + let o := sub(logs, 0x40) // Start of calldata to send. + mstore(o, 0x263c69d6) // `logTransfer(uint256[])`. + mstore(add(o, 0x20), 0x20) // Offset of `logs` in the calldata to send. + let n := add(0x44, shl(5, mload(logs))) // Length of calldata to send. + if iszero(and(eq(mload(o), 1), call(gas(), mirror, 0, add(o, 0x1c), n, o, 0x20))) { + revert(o, 0x00) + } + } + } + + /// @dev Struct of temporary variables for transfers. + struct _DNTransferTemps { + uint256 numNFTBurns; + uint256 numNFTMints; + uint256 fromBalance; + uint256 toBalance; + uint256 fromOwnedLength; + uint256 toOwnedLength; + uint256 totalSupply; + uint256 totalNFTSupply; + uint256 fromEnd; + uint256 toEnd; + uint32 toAlias; + uint256 nextTokenId; + uint32 burnedPoolTail; + } + + /// @dev Struct of temporary variables for mints. + struct _DNMintTemps { + uint256 nextTokenId; + uint32 burnedPoolTail; + uint256 toEnd; + uint32 toAlias; + } + + /// @dev Returns if `a` has bytecode of non-zero length. + function _hasCode(address a) private view returns (bool result) { + /// @solidity memory-safe-assembly + assembly { + result := extcodesize(a) // Can handle dirty upper bits. + } + } + + /// @dev Returns the calldata value at `offset`. + function _calldataload(uint256 offset) private pure returns (uint256 value) { + /// @solidity memory-safe-assembly + assembly { + value := calldataload(offset) + } + } + + /// @dev Executes a return opcode to return `x` and end the current call frame. + function _return(uint256 x) private pure { + /// @solidity memory-safe-assembly + assembly { + mstore(0x00, x) + return(0x00, 0x20) + } + } +} + +// SPDX-License-Identifier: MIT +/// @title DN404Mirror +/// @notice DN404Mirror provides an interface for interacting with the +/// NFT tokens in a DN404 implementation. +/// +/// @author vectorized.eth (@optimizoor) +/// @author Quit (@0xQuit) +/// @author Michael Amadi (@AmadiMichaels) +/// @author cygaar (@0xCygaar) +/// @author Thomas (@0xjustadev) +/// @author Harrison (@PopPunkOnChain) +/// +/// @dev Note: +/// - The ERC721 data is stored in the base DN404 contract. +contract DN404Mirror { + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* EVENTS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Emitted when token `id` is transferred from `from` to `to`. + event Transfer(address indexed from, address indexed to, uint256 indexed id); + + /// @dev Emitted when `owner` enables `account` to manage the `id` token. + event Approval(address indexed owner, address indexed account, uint256 indexed id); + + /// @dev Emitted when `owner` enables or disables `operator` to manage all of their tokens. + event ApprovalForAll(address indexed owner, address indexed operator, bool isApproved); + + /// @dev The ownership is transferred from `oldOwner` to `newOwner`. + /// This is for marketplace signaling purposes. This contract has a `pullOwner()` + /// function that will sync the owner from the base contract. + event OwnershipTransferred(address indexed oldOwner, address indexed newOwner); + + /// @dev `keccak256(bytes("Transfer(address,address,uint256)"))`. + uint256 private constant _TRANSFER_EVENT_SIGNATURE = + 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef; + + /// @dev `keccak256(bytes("Approval(address,address,uint256)"))`. + uint256 private constant _APPROVAL_EVENT_SIGNATURE = + 0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925; + + /// @dev `keccak256(bytes("ApprovalForAll(address,address,bool)"))`. + uint256 private constant _APPROVAL_FOR_ALL_EVENT_SIGNATURE = + 0x17307eab39ab6107e8899845ad3d59bd9653f200f220920489ca2b5937696c31; + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* CUSTOM ERRORS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Thrown when a call for an NFT function did not originate + /// from the base DN404 contract. + error SenderNotBase(); + + /// @dev Thrown when a call for an NFT function did not originate from the deployer. + error SenderNotDeployer(); + + /// @dev Thrown when transferring an NFT to a contract address that + /// does not implement ERC721Receiver. + error TransferToNonERC721ReceiverImplementer(); + + /// @dev Thrown when linking to the DN404 base contract and the + /// DN404 supportsInterface check fails or the call reverts. + error CannotLink(); + + /// @dev Thrown when a linkMirrorContract call is received and the + /// NFT mirror contract has already been linked to a DN404 base contract. + error AlreadyLinked(); + + /// @dev Thrown when retrieving the base DN404 address when a link has not + /// been established. + error NotLinked(); + + /// @dev The function selector is not recognized. + error FnSelectorNotRecognized(); + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* STORAGE */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Struct contain the NFT mirror contract storage. + struct DN404NFTStorage { + // Address of the ERC20 base contract. + address baseERC20; + // The deployer, if provided. If non-zero, the initialization of the + // ERC20 <-> ERC721 link can only be done be the deployer via the ERC20 base contract. + address deployer; + // The owner of the ERC20 base contract. For marketplace signaling. + address owner; + } + + /// @dev Returns a storage pointer for DN404NFTStorage. + function _getDN404NFTStorage() internal pure virtual returns (DN404NFTStorage storage $) { + /// @solidity memory-safe-assembly + assembly { + // `uint72(bytes9(keccak256("DN404_MIRROR_STORAGE")))`. + $.slot := 0x3602298b8c10b01230 // Truncate to 9 bytes to reduce bytecode size. + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* CONSTRUCTOR */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + constructor(address deployer) { + // For non-proxies, we will store the deployer so that only the deployer can + // link the base contract. + _getDN404NFTStorage().deployer = deployer; + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* ERC721 OPERATIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns the token collection name from the base DN404 contract. + function name() public view virtual returns (string memory) { + return _readString(0x06fdde03, 0); // `name()`. + } + + /// @dev Returns the token collection symbol from the base DN404 contract. + function symbol() public view virtual returns (string memory) { + return _readString(0x95d89b41, 0); // `symbol()`. + } + + /// @dev Returns the Uniform Resource Identifier (URI) for token `id` from + /// the base DN404 contract. + function tokenURI(uint256 id) public view virtual returns (string memory) { + return _readString(0xc87b56dd, id); // `tokenURI()`. + } + + /// @dev Returns the total NFT supply from the base DN404 contract. + function totalSupply() public view virtual returns (uint256) { + return _readWord(0xe2c79281, 0, 0); // `totalNFTSupply()`. + } + + /// @dev Returns the number of NFT tokens owned by `nftOwner` from the base DN404 contract. + /// + /// Requirements: + /// - `nftOwner` must not be the zero address. + function balanceOf(address nftOwner) public view virtual returns (uint256) { + return _readWord(0xf5b100ea, uint160(nftOwner), 0); // `balanceOfNFT(address)`. + } + + /// @dev Returns the owner of token `id` from the base DN404 contract. + /// + /// Requirements: + /// - Token `id` must exist. + function ownerOf(uint256 id) public view virtual returns (address) { + return address(uint160(_readWord(0x6352211e, id, 0))); // `ownerOf(uint256)`. + } + + /// @dev Returns the owner of token `id` from the base DN404 contract. + /// Returns `address(0)` instead of reverting if the token does not exist. + function ownerAt(uint256 id) public view virtual returns (address) { + return address(uint160(_readWord(0x24359879, id, 0))); // `ownerAt(uint256)`. + } + + /// @dev Sets `spender` as the approved account to manage token `id` in + /// the base DN404 contract. + /// + /// Requirements: + /// - Token `id` must exist. + /// - The caller must be the owner of the token, + /// or an approved operator for the token owner. + /// + /// Emits an {Approval} event. + function approve(address spender, uint256 id) public payable virtual { + address base = baseERC20(); + /// @solidity memory-safe-assembly + assembly { + spender := shr(96, shl(96, spender)) + let m := mload(0x40) + mstore(0x00, 0xd10b6e0c) // `approveNFT(address,uint256,address)`. + mstore(0x20, spender) + mstore(0x40, id) + mstore(0x60, caller()) + if iszero( + and( // Arguments of `and` are evaluated last to first. + gt(returndatasize(), 0x1f), // The call must return at least 32 bytes. + call(gas(), base, callvalue(), 0x1c, 0x64, 0x00, 0x20) + ) + ) { + returndatacopy(m, 0x00, returndatasize()) + revert(m, returndatasize()) + } + mstore(0x40, m) // Restore the free memory pointer. + mstore(0x60, 0) // Restore the zero pointer. + // Emit the {Approval} event. + log4(codesize(), 0x00, _APPROVAL_EVENT_SIGNATURE, shr(96, mload(0x0c)), spender, id) + } + } + + /// @dev Returns the account approved to manage token `id` from + /// the base DN404 contract. + /// + /// Requirements: + /// - Token `id` must exist. + function getApproved(uint256 id) public view virtual returns (address) { + return address(uint160(_readWord(0x081812fc, id, 0))); // `getApproved(uint256)`. + } + + /// @dev Sets whether `operator` is approved to manage the tokens of the caller in + /// the base DN404 contract. + /// + /// Emits an {ApprovalForAll} event. + function setApprovalForAll(address operator, bool approved) public virtual { + address base = baseERC20(); + /// @solidity memory-safe-assembly + assembly { + operator := shr(96, shl(96, operator)) + let m := mload(0x40) + mstore(0x00, 0x813500fc) // `setApprovalForAll(address,bool,address)`. + mstore(0x20, operator) + mstore(0x40, iszero(iszero(approved))) + mstore(0x60, caller()) + if iszero( + and( // Arguments of `and` are evaluated last to first. + eq(mload(0x00), 1), // The call must return 1. + call(gas(), base, callvalue(), 0x1c, 0x64, 0x00, 0x20) + ) + ) { + returndatacopy(m, 0x00, returndatasize()) + revert(m, returndatasize()) + } + // Emit the {ApprovalForAll} event. + // The `approved` value is already at 0x40. + log3(0x40, 0x20, _APPROVAL_FOR_ALL_EVENT_SIGNATURE, caller(), operator) + mstore(0x40, m) // Restore the free memory pointer. + mstore(0x60, 0) // Restore the zero pointer. + } + } + + /// @dev Returns whether `operator` is approved to manage the tokens of `nftOwner` from + /// the base DN404 contract. + function isApprovedForAll(address nftOwner, address operator) + public + view + virtual + returns (bool) + { + // `isApprovedForAll(address,address)`. + return _readWord(0xe985e9c5, uint160(nftOwner), uint160(operator)) != 0; + } + + /// @dev Transfers token `id` from `from` to `to`. + /// + /// Requirements: + /// + /// - Token `id` must exist. + /// - `from` must be the owner of the token. + /// - `to` cannot be the zero address. + /// - The caller must be the owner of the token, or be approved to manage the token. + /// + /// Emits a {Transfer} event. + function transferFrom(address from, address to, uint256 id) public payable virtual { + address base = baseERC20(); + /// @solidity memory-safe-assembly + assembly { + from := shr(96, shl(96, from)) + to := shr(96, shl(96, to)) + let m := mload(0x40) + mstore(m, 0xe5eb36c8) // `transferFromNFT(address,address,uint256,address)`. + mstore(add(m, 0x20), from) + mstore(add(m, 0x40), to) + mstore(add(m, 0x60), id) + mstore(add(m, 0x80), caller()) + if iszero( + and( // Arguments of `and` are evaluated last to first. + eq(mload(m), 1), // The call must return 1. + call(gas(), base, callvalue(), add(m, 0x1c), 0x84, m, 0x20) + ) + ) { + returndatacopy(m, 0x00, returndatasize()) + revert(m, returndatasize()) + } + // Emit the {Transfer} event. + log4(codesize(), 0x00, _TRANSFER_EVENT_SIGNATURE, from, to, id) + } + } + + /// @dev Equivalent to `safeTransferFrom(from, to, id, "")`. + function safeTransferFrom(address from, address to, uint256 id) public payable virtual { + transferFrom(from, to, id); + if (_hasCode(to)) _checkOnERC721Received(from, to, id, ""); + } + + /// @dev Transfers token `id` from `from` to `to`. + /// + /// Requirements: + /// + /// - Token `id` must exist. + /// - `from` must be the owner of the token. + /// - `to` cannot be the zero address. + /// - The caller must be the owner of the token, or be approved to manage the token. + /// - If `to` refers to a smart contract, it must implement + /// {IERC721Receiver-onERC721Received}, which is called upon a safe transfer. + /// + /// Emits a {Transfer} event. + function safeTransferFrom(address from, address to, uint256 id, bytes calldata data) + public + payable + virtual + { + transferFrom(from, to, id); + if (_hasCode(to)) _checkOnERC721Received(from, to, id, data); + } + + /// @dev Returns true if this contract implements the interface defined by `interfaceId`. + /// See: https://eips.ethereum.org/EIPS/eip-165 + /// This function call must use less than 30000 gas. + function supportsInterface(bytes4 interfaceId) public view virtual returns (bool result) { + /// @solidity memory-safe-assembly + assembly { + let s := shr(224, interfaceId) + // ERC165: 0x01ffc9a7, ERC721: 0x80ac58cd, ERC721Metadata: 0x5b5e139f. + result := or(or(eq(s, 0x01ffc9a7), eq(s, 0x80ac58cd)), eq(s, 0x5b5e139f)) + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* OWNER SYNCING OPERATIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns the `owner` of the contract, for marketplace signaling purposes. + function owner() public view virtual returns (address) { + return _getDN404NFTStorage().owner; + } + + /// @dev Permissionless function to pull the owner from the base DN404 contract + /// if it implements ownable, for marketplace signaling purposes. + function pullOwner() public virtual returns (bool) { + address newOwner; + address base = baseERC20(); + /// @solidity memory-safe-assembly + assembly { + mstore(0x00, 0x8da5cb5b) // `owner()`. + let success := staticcall(gas(), base, 0x1c, 0x04, 0x00, 0x20) + newOwner := mul(shr(96, mload(0x0c)), and(gt(returndatasize(), 0x1f), success)) + } + DN404NFTStorage storage $ = _getDN404NFTStorage(); + address oldOwner = $.owner; + if (oldOwner != newOwner) { + $.owner = newOwner; + emit OwnershipTransferred(oldOwner, newOwner); + } + return true; + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* MIRROR OPERATIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns the address of the base DN404 contract. + function baseERC20() public view virtual returns (address base) { + base = _getDN404NFTStorage().baseERC20; + if (base == address(0)) revert NotLinked(); + } + + /// @dev Fallback modifier to execute calls from the base DN404 contract. + modifier dn404NFTFallback() virtual { + DN404NFTStorage storage $ = _getDN404NFTStorage(); + + uint256 fnSelector = _calldataload(0x00) >> 224; + + // `logTransfer(uint256[])`. + if (fnSelector == 0x263c69d6) { + if (msg.sender != $.baseERC20) revert SenderNotBase(); + /// @solidity memory-safe-assembly + assembly { + let o := add(0x24, calldataload(0x04)) // Packed logs offset. + let end := add(o, shl(5, calldataload(sub(o, 0x20)))) + for {} iszero(eq(o, end)) { o := add(0x20, o) } { + let d := calldataload(o) // Entry in the packed logs. + let a := shr(96, d) // The address. + let b := and(1, d) // Whether it is a burn. + log4( + codesize(), + 0x00, + _TRANSFER_EVENT_SIGNATURE, + mul(a, b), // `from`. + mul(a, iszero(b)), // `to`. + shr(168, shl(160, d)) // `id`. + ) + } + mstore(0x00, 0x01) + return(0x00, 0x20) + } + } + // `logDirectTransfer(address,address,uint256[])`. + if (fnSelector == 0x144027d3) { + if (msg.sender != $.baseERC20) revert SenderNotBase(); + /// @solidity memory-safe-assembly + assembly { + let from := calldataload(0x04) + let to := calldataload(0x24) + let o := add(0x24, calldataload(0x44)) // Direct logs offset. + let end := add(o, shl(5, calldataload(sub(o, 0x20)))) + for {} iszero(eq(o, end)) { o := add(0x20, o) } { + log4(codesize(), 0x00, _TRANSFER_EVENT_SIGNATURE, from, to, calldataload(o)) + } + mstore(0x00, 0x01) + return(0x00, 0x20) + } + } + // `linkMirrorContract(address)`. + if (fnSelector == 0x0f4599e5) { + if ($.deployer != address(0)) { + if (address(uint160(_calldataload(0x04))) != $.deployer) { + revert SenderNotDeployer(); + } + } + if ($.baseERC20 != address(0)) revert AlreadyLinked(); + $.baseERC20 = msg.sender; + /// @solidity memory-safe-assembly + assembly { + mstore(0x00, 0x01) + return(0x00, 0x20) + } + } + _; + } + + /// @dev Fallback function for calls from base DN404 contract. + /// Override this if you need to implement your custom + /// fallback with utilities like Solady's `LibZip.cdFallback()`. + /// And always remember to always wrap the fallback with `dn404NFTFallback`. + fallback() external payable virtual dn404NFTFallback { + revert FnSelectorNotRecognized(); // Not mandatory. Just for quality of life. + } + + /// @dev This is to silence the compiler warning. + /// Override and remove the revert if you want your contract to receive ETH via receive. + receive() external payable virtual { + if (msg.value != 0) revert(); + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* PRIVATE HELPERS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Helper to read a string from the base DN404 contract. + function _readString(uint256 fnSelector, uint256 arg0) + private + view + returns (string memory result) + { + address base = baseERC20(); + /// @solidity memory-safe-assembly + assembly { + result := mload(0x40) + mstore(0x00, fnSelector) + mstore(0x20, arg0) + if iszero(staticcall(gas(), base, 0x1c, 0x24, 0x00, 0x00)) { + returndatacopy(result, 0x00, returndatasize()) + revert(result, returndatasize()) + } + returndatacopy(0x00, 0x00, 0x20) // Copy the offset of the string in returndata. + returndatacopy(result, mload(0x00), 0x20) // Copy the length of the string. + returndatacopy(add(result, 0x20), add(mload(0x00), 0x20), mload(result)) // Copy the string. + let end := add(add(result, 0x20), mload(result)) + mstore(end, 0) // Zeroize the word after the string. + mstore(0x40, add(end, 0x20)) // Allocate memory. + } + } + + /// @dev Helper to read a word from the base DN404 contract. + function _readWord(uint256 fnSelector, uint256 arg0, uint256 arg1) + private + view + returns (uint256 result) + { + address base = baseERC20(); + /// @solidity memory-safe-assembly + assembly { + let m := mload(0x40) + mstore(0x00, fnSelector) + mstore(0x20, arg0) + mstore(0x40, arg1) + if iszero( + and( // Arguments of `and` are evaluated last to first. + gt(returndatasize(), 0x1f), // The call must return at least 32 bytes. + staticcall(gas(), base, 0x1c, 0x44, 0x00, 0x20) + ) + ) { + returndatacopy(m, 0x00, returndatasize()) + revert(m, returndatasize()) + } + mstore(0x40, m) // Restore the free memory pointer. + result := mload(0x00) + } + } + + /// @dev Returns the calldata value at `offset`. + function _calldataload(uint256 offset) private pure returns (uint256 value) { + /// @solidity memory-safe-assembly + assembly { + value := calldataload(offset) + } + } + + /// @dev Returns if `a` has bytecode of non-zero length. + function _hasCode(address a) private view returns (bool result) { + /// @solidity memory-safe-assembly + assembly { + result := extcodesize(a) // Can handle dirty upper bits. + } + } + + /// @dev Perform a call to invoke {IERC721Receiver-onERC721Received} on `to`. + /// Reverts if the target does not support the function correctly. + function _checkOnERC721Received(address from, address to, uint256 id, bytes memory data) + private + { + /// @solidity memory-safe-assembly + assembly { + // Prepare the calldata. + let m := mload(0x40) + let onERC721ReceivedSelector := 0x150b7a02 + mstore(m, onERC721ReceivedSelector) + mstore(add(m, 0x20), caller()) // The `operator`, which is always `msg.sender`. + mstore(add(m, 0x40), shr(96, shl(96, from))) + mstore(add(m, 0x60), id) + mstore(add(m, 0x80), 0x80) + let n := mload(data) + mstore(add(m, 0xa0), n) + if n { pop(staticcall(gas(), 4, add(data, 0x20), n, add(m, 0xc0), n)) } + // Revert if the call reverts. + if iszero(call(gas(), to, 0, add(m, 0x1c), add(n, 0xa4), m, 0x20)) { + if returndatasize() { + // Bubble up the revert if the call reverts. + returndatacopy(m, 0x00, returndatasize()) + revert(m, returndatasize()) + } + } + // Load the returndata and compare it. + if iszero(eq(mload(m), shl(224, onERC721ReceivedSelector))) { + mstore(0x00, 0xd1a57ed6) // `TransferToNonERC721ReceiverImplementer()`. + revert(0x1c, 0x04) + } + } + } +} + +abstract contract Ownable { + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* CUSTOM ERRORS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev The caller is not authorized to call the function. + error Unauthorized(); + + /// @dev The `newOwner` cannot be the zero address. + error NewOwnerIsZeroAddress(); + + /// @dev The `pendingOwner` does not have a valid handover request. + error NoHandoverRequest(); + + /// @dev Cannot double-initialize. + error AlreadyInitialized(); + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* EVENTS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev The ownership is transferred from `oldOwner` to `newOwner`. + /// This event is intentionally kept the same as OpenZeppelin's Ownable to be + /// compatible with indexers and [EIP-173](https://eips.ethereum.org/EIPS/eip-173), + /// despite it not being as lightweight as a single argument event. + event OwnershipTransferred(address indexed oldOwner, address indexed newOwner); + + /// @dev An ownership handover to `pendingOwner` has been requested. + event OwnershipHandoverRequested(address indexed pendingOwner); + + /// @dev The ownership handover to `pendingOwner` has been canceled. + event OwnershipHandoverCanceled(address indexed pendingOwner); + + /// @dev `keccak256(bytes("OwnershipTransferred(address,address)"))`. + uint256 private constant _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE = + 0x8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0; + + /// @dev `keccak256(bytes("OwnershipHandoverRequested(address)"))`. + uint256 private constant _OWNERSHIP_HANDOVER_REQUESTED_EVENT_SIGNATURE = + 0xdbf36a107da19e49527a7176a1babf963b4b0ff8cde35ee35d6cd8f1f9ac7e1d; + + /// @dev `keccak256(bytes("OwnershipHandoverCanceled(address)"))`. + uint256 private constant _OWNERSHIP_HANDOVER_CANCELED_EVENT_SIGNATURE = + 0xfa7b8eab7da67f412cc9575ed43464468f9bfbae89d1675917346ca6d8fe3c92; + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* STORAGE */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev The owner slot is given by: + /// `bytes32(~uint256(uint32(bytes4(keccak256("_OWNER_SLOT_NOT")))))`. + /// It is intentionally chosen to be a high value + /// to avoid collision with lower slots. + /// The choice of manual storage layout is to enable compatibility + /// with both regular and upgradeable contracts. + bytes32 internal constant _OWNER_SLOT = + 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffff74873927; + + /// The ownership handover slot of `newOwner` is given by: + /// ``` + /// mstore(0x00, or(shl(96, user), _HANDOVER_SLOT_SEED)) + /// let handoverSlot := keccak256(0x00, 0x20) + /// ``` + /// It stores the expiry timestamp of the two-step ownership handover. + uint256 private constant _HANDOVER_SLOT_SEED = 0x389a75e1; + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* INTERNAL FUNCTIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Override to return true to make `_initializeOwner` prevent double-initialization. + function _guardInitializeOwner() internal pure virtual returns (bool guard) {} + + /// @dev Initializes the owner directly without authorization guard. + /// This function must be called upon initialization, + /// regardless of whether the contract is upgradeable or not. + /// This is to enable generalization to both regular and upgradeable contracts, + /// and to save gas in case the initial owner is not the caller. + /// For performance reasons, this function will not check if there + /// is an existing owner. + function _initializeOwner(address newOwner) internal virtual { + if (_guardInitializeOwner()) { + /// @solidity memory-safe-assembly + assembly { + let ownerSlot := _OWNER_SLOT + if sload(ownerSlot) { + mstore(0x00, 0x0dc149f0) // `AlreadyInitialized()`. + revert(0x1c, 0x04) + } + // Clean the upper 96 bits. + newOwner := shr(96, shl(96, newOwner)) + // Store the new value. + sstore(ownerSlot, or(newOwner, shl(255, iszero(newOwner)))) + // Emit the {OwnershipTransferred} event. + log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, 0, newOwner) + } + } else { + /// @solidity memory-safe-assembly + assembly { + // Clean the upper 96 bits. + newOwner := shr(96, shl(96, newOwner)) + // Store the new value. + sstore(_OWNER_SLOT, newOwner) + // Emit the {OwnershipTransferred} event. + log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, 0, newOwner) + } + } + } + + /// @dev Sets the owner directly without authorization guard. + function _setOwner(address newOwner) internal virtual { + if (_guardInitializeOwner()) { + /// @solidity memory-safe-assembly + assembly { + let ownerSlot := _OWNER_SLOT + // Clean the upper 96 bits. + newOwner := shr(96, shl(96, newOwner)) + // Emit the {OwnershipTransferred} event. + log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, sload(ownerSlot), newOwner) + // Store the new value. + sstore(ownerSlot, or(newOwner, shl(255, iszero(newOwner)))) + } + } else { + /// @solidity memory-safe-assembly + assembly { + let ownerSlot := _OWNER_SLOT + // Clean the upper 96 bits. + newOwner := shr(96, shl(96, newOwner)) + // Emit the {OwnershipTransferred} event. + log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, sload(ownerSlot), newOwner) + // Store the new value. + sstore(ownerSlot, newOwner) + } + } + } + + /// @dev Throws if the sender is not the owner. + function _checkOwner() internal view virtual { + /// @solidity memory-safe-assembly + assembly { + // If the caller is not the stored owner, revert. + if iszero(eq(caller(), sload(_OWNER_SLOT))) { + mstore(0x00, 0x82b42900) // `Unauthorized()`. + revert(0x1c, 0x04) + } + } + } + + /// @dev Returns how long a two-step ownership handover is valid for in seconds. + /// Override to return a different value if needed. + /// Made internal to conserve bytecode. Wrap it in a public function if needed. + function _ownershipHandoverValidFor() internal view virtual returns (uint64) { + return 48 * 3600; + } + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* PUBLIC UPDATE FUNCTIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Allows the owner to transfer the ownership to `newOwner`. + function transferOwnership(address newOwner) public payable virtual onlyOwner { + /// @solidity memory-safe-assembly + assembly { + if iszero(shl(96, newOwner)) { + mstore(0x00, 0x7448fbae) // `NewOwnerIsZeroAddress()`. + revert(0x1c, 0x04) + } + } + _setOwner(newOwner); + } + + /// @dev Allows the owner to renounce their ownership. + function renounceOwnership() public payable virtual onlyOwner { + _setOwner(address(0)); + } + + /// @dev Request a two-step ownership handover to the caller. + /// The request will automatically expire in 48 hours (172800 seconds) by default. + function requestOwnershipHandover() public payable virtual { + unchecked { + uint256 expires = block.timestamp + _ownershipHandoverValidFor(); + /// @solidity memory-safe-assembly + assembly { + // Compute and set the handover slot to `expires`. + mstore(0x0c, _HANDOVER_SLOT_SEED) + mstore(0x00, caller()) + sstore(keccak256(0x0c, 0x20), expires) + // Emit the {OwnershipHandoverRequested} event. + log2(0, 0, _OWNERSHIP_HANDOVER_REQUESTED_EVENT_SIGNATURE, caller()) + } + } + } + + /// @dev Cancels the two-step ownership handover to the caller, if any. + function cancelOwnershipHandover() public payable virtual { + /// @solidity memory-safe-assembly + assembly { + // Compute and set the handover slot to 0. + mstore(0x0c, _HANDOVER_SLOT_SEED) + mstore(0x00, caller()) + sstore(keccak256(0x0c, 0x20), 0) + // Emit the {OwnershipHandoverCanceled} event. + log2(0, 0, _OWNERSHIP_HANDOVER_CANCELED_EVENT_SIGNATURE, caller()) + } + } + + /// @dev Allows the owner to complete the two-step ownership handover to `pendingOwner`. + /// Reverts if there is no existing ownership handover requested by `pendingOwner`. + function completeOwnershipHandover(address pendingOwner) public payable virtual onlyOwner { + /// @solidity memory-safe-assembly + assembly { + // Compute and set the handover slot to 0. + mstore(0x0c, _HANDOVER_SLOT_SEED) + mstore(0x00, pendingOwner) + let handoverSlot := keccak256(0x0c, 0x20) + // If the handover does not exist, or has expired. + if gt(timestamp(), sload(handoverSlot)) { + mstore(0x00, 0x6f5e8818) // `NoHandoverRequest()`. + revert(0x1c, 0x04) + } + // Set the handover slot to 0. + sstore(handoverSlot, 0) + } + _setOwner(pendingOwner); + } + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* PUBLIC READ FUNCTIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Returns the owner of the contract. + function owner() public view virtual returns (address result) { + /// @solidity memory-safe-assembly + assembly { + result := sload(_OWNER_SLOT) + } + } + + /// @dev Returns the expiry timestamp for the two-step ownership handover to `pendingOwner`. + function ownershipHandoverExpiresAt(address pendingOwner) + public + view + virtual + returns (uint256 result) + { + /// @solidity memory-safe-assembly + assembly { + // Compute the handover slot. + mstore(0x0c, _HANDOVER_SLOT_SEED) + mstore(0x00, pendingOwner) + // Load the handover slot. + result := sload(keccak256(0x0c, 0x20)) + } + } + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* MODIFIERS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Marks a function as only callable by the owner. + modifier onlyOwner() virtual { + _checkOwner(); + _; + } +} + +library LibString { + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* CUSTOM ERRORS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev The length of the output is too small to contain all the hex digits. + error HexLengthInsufficient(); + + /// @dev The length of the string is more than 32 bytes. + error TooBigForSmallString(); + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* CONSTANTS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev The constant returned when the `search` is not found in the string. + uint256 internal constant NOT_FOUND = type(uint256).max; + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* DECIMAL OPERATIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Returns the base 10 decimal representation of `value`. + function toString(uint256 value) internal pure returns (string memory str) { + /// @solidity memory-safe-assembly + assembly { + // The maximum value of a uint256 contains 78 digits (1 byte per digit), but + // we allocate 0xa0 bytes to keep the free memory pointer 32-byte word aligned. + // We will need 1 word for the trailing zeros padding, 1 word for the length, + // and 3 words for a maximum of 78 digits. + str := add(mload(0x40), 0x80) + // Update the free memory pointer to allocate. + mstore(0x40, add(str, 0x20)) + // Zeroize the slot after the string. + mstore(str, 0) + + // Cache the end of the memory to calculate the length later. + let end := str + + let w := not(0) // Tsk. + // We write the string from rightmost digit to leftmost digit. + // The following is essentially a do-while loop that also handles the zero case. + for { let temp := value } 1 {} { + str := add(str, w) // `sub(str, 1)`. + // Write the character to the pointer. + // The ASCII index of the '0' character is 48. + mstore8(str, add(48, mod(temp, 10))) + // Keep dividing `temp` until zero. + temp := div(temp, 10) + if iszero(temp) { break } + } + + let length := sub(end, str) + // Move the pointer 32 bytes leftwards to make room for the length. + str := sub(str, 0x20) + // Store the length. + mstore(str, length) + } + } + + /// @dev Returns the base 10 decimal representation of `value`. + function toString(int256 value) internal pure returns (string memory str) { + if (value >= 0) { + return toString(uint256(value)); + } + unchecked { + str = toString(~uint256(value) + 1); + } + /// @solidity memory-safe-assembly + assembly { + // We still have some spare memory space on the left, + // as we have allocated 3 words (96 bytes) for up to 78 digits. + let length := mload(str) // Load the string length. + mstore(str, 0x2d) // Store the '-' character. + str := sub(str, 1) // Move back the string pointer by a byte. + mstore(str, add(length, 1)) // Update the string length. + } + } + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* HEXADECIMAL OPERATIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Returns the hexadecimal representation of `value`, + /// left-padded to an input length of `length` bytes. + /// The output is prefixed with "0x" encoded using 2 hexadecimal digits per byte, + /// giving a total length of `length * 2 + 2` bytes. + /// Reverts if `length` is too small for the output to contain all the digits. + function toHexString(uint256 value, uint256 length) internal pure returns (string memory str) { + str = toHexStringNoPrefix(value, length); + /// @solidity memory-safe-assembly + assembly { + let strLength := add(mload(str), 2) // Compute the length. + mstore(str, 0x3078) // Write the "0x" prefix. + str := sub(str, 2) // Move the pointer. + mstore(str, strLength) // Write the length. + } + } + + /// @dev Returns the hexadecimal representation of `value`, + /// left-padded to an input length of `length` bytes. + /// The output is prefixed with "0x" encoded using 2 hexadecimal digits per byte, + /// giving a total length of `length * 2` bytes. + /// Reverts if `length` is too small for the output to contain all the digits. + function toHexStringNoPrefix(uint256 value, uint256 length) + internal + pure + returns (string memory str) + { + /// @solidity memory-safe-assembly + assembly { + // We need 0x20 bytes for the trailing zeros padding, `length * 2` bytes + // for the digits, 0x02 bytes for the prefix, and 0x20 bytes for the length. + // We add 0x20 to the total and round down to a multiple of 0x20. + // (0x20 + 0x20 + 0x02 + 0x20) = 0x62. + str := add(mload(0x40), and(add(shl(1, length), 0x42), not(0x1f))) + // Allocate the memory. + mstore(0x40, add(str, 0x20)) + // Zeroize the slot after the string. + mstore(str, 0) + + // Cache the end to calculate the length later. + let end := str + // Store "0123456789abcdef" in scratch space. + mstore(0x0f, 0x30313233343536373839616263646566) + + let start := sub(str, add(length, length)) + let w := not(1) // Tsk. + let temp := value + // We write the string from rightmost digit to leftmost digit. + // The following is essentially a do-while loop that also handles the zero case. + for {} 1 {} { + str := add(str, w) // `sub(str, 2)`. + mstore8(add(str, 1), mload(and(temp, 15))) + mstore8(str, mload(and(shr(4, temp), 15))) + temp := shr(8, temp) + if iszero(xor(str, start)) { break } + } + + if temp { + mstore(0x00, 0x2194895a) // `HexLengthInsufficient()`. + revert(0x1c, 0x04) + } + + // Compute the string's length. + let strLength := sub(end, str) + // Move the pointer and write the length. + str := sub(str, 0x20) + mstore(str, strLength) + } + } + + /// @dev Returns the hexadecimal representation of `value`. + /// The output is prefixed with "0x" and encoded using 2 hexadecimal digits per byte. + /// As address are 20 bytes long, the output will left-padded to have + /// a length of `20 * 2 + 2` bytes. + function toHexString(uint256 value) internal pure returns (string memory str) { + str = toHexStringNoPrefix(value); + /// @solidity memory-safe-assembly + assembly { + let strLength := add(mload(str), 2) // Compute the length. + mstore(str, 0x3078) // Write the "0x" prefix. + str := sub(str, 2) // Move the pointer. + mstore(str, strLength) // Write the length. + } + } + + /// @dev Returns the hexadecimal representation of `value`. + /// The output is prefixed with "0x". + /// The output excludes leading "0" from the `toHexString` output. + /// `0x00: "0x0", 0x01: "0x1", 0x12: "0x12", 0x123: "0x123"`. + function toMinimalHexString(uint256 value) internal pure returns (string memory str) { + str = toHexStringNoPrefix(value); + /// @solidity memory-safe-assembly + assembly { + let o := eq(byte(0, mload(add(str, 0x20))), 0x30) // Whether leading zero is present. + let strLength := add(mload(str), 2) // Compute the length. + mstore(add(str, o), 0x3078) // Write the "0x" prefix, accounting for leading zero. + str := sub(add(str, o), 2) // Move the pointer, accounting for leading zero. + mstore(str, sub(strLength, o)) // Write the length, accounting for leading zero. + } + } + + /// @dev Returns the hexadecimal representation of `value`. + /// The output excludes leading "0" from the `toHexStringNoPrefix` output. + /// `0x00: "0", 0x01: "1", 0x12: "12", 0x123: "123"`. + function toMinimalHexStringNoPrefix(uint256 value) internal pure returns (string memory str) { + str = toHexStringNoPrefix(value); + /// @solidity memory-safe-assembly + assembly { + let o := eq(byte(0, mload(add(str, 0x20))), 0x30) // Whether leading zero is present. + let strLength := mload(str) // Get the length. + str := add(str, o) // Move the pointer, accounting for leading zero. + mstore(str, sub(strLength, o)) // Write the length, accounting for leading zero. + } + } + + /// @dev Returns the hexadecimal representation of `value`. + /// The output is encoded using 2 hexadecimal digits per byte. + /// As address are 20 bytes long, the output will left-padded to have + /// a length of `20 * 2` bytes. + function toHexStringNoPrefix(uint256 value) internal pure returns (string memory str) { + /// @solidity memory-safe-assembly + assembly { + // We need 0x20 bytes for the trailing zeros padding, 0x20 bytes for the length, + // 0x02 bytes for the prefix, and 0x40 bytes for the digits. + // The next multiple of 0x20 above (0x20 + 0x20 + 0x02 + 0x40) is 0xa0. + str := add(mload(0x40), 0x80) + // Allocate the memory. + mstore(0x40, add(str, 0x20)) + // Zeroize the slot after the string. + mstore(str, 0) + + // Cache the end to calculate the length later. + let end := str + // Store "0123456789abcdef" in scratch space. + mstore(0x0f, 0x30313233343536373839616263646566) + + let w := not(1) // Tsk. + // We write the string from rightmost digit to leftmost digit. + // The following is essentially a do-while loop that also handles the zero case. + for { let temp := value } 1 {} { + str := add(str, w) // `sub(str, 2)`. + mstore8(add(str, 1), mload(and(temp, 15))) + mstore8(str, mload(and(shr(4, temp), 15))) + temp := shr(8, temp) + if iszero(temp) { break } + } + + // Compute the string's length. + let strLength := sub(end, str) + // Move the pointer and write the length. + str := sub(str, 0x20) + mstore(str, strLength) + } + } + + /// @dev Returns the hexadecimal representation of `value`. + /// The output is prefixed with "0x", encoded using 2 hexadecimal digits per byte, + /// and the alphabets are capitalized conditionally according to + /// https://eips.ethereum.org/EIPS/eip-55 + function toHexStringChecksummed(address value) internal pure returns (string memory str) { + str = toHexString(value); + /// @solidity memory-safe-assembly + assembly { + let mask := shl(6, div(not(0), 255)) // `0b010000000100000000 ...` + let o := add(str, 0x22) + let hashed := and(keccak256(o, 40), mul(34, mask)) // `0b10001000 ... ` + let t := shl(240, 136) // `0b10001000 << 240` + for { let i := 0 } 1 {} { + mstore(add(i, i), mul(t, byte(i, hashed))) + i := add(i, 1) + if eq(i, 20) { break } + } + mstore(o, xor(mload(o), shr(1, and(mload(0x00), and(mload(o), mask))))) + o := add(o, 0x20) + mstore(o, xor(mload(o), shr(1, and(mload(0x20), and(mload(o), mask))))) + } + } + + /// @dev Returns the hexadecimal representation of `value`. + /// The output is prefixed with "0x" and encoded using 2 hexadecimal digits per byte. + function toHexString(address value) internal pure returns (string memory str) { + str = toHexStringNoPrefix(value); + /// @solidity memory-safe-assembly + assembly { + let strLength := add(mload(str), 2) // Compute the length. + mstore(str, 0x3078) // Write the "0x" prefix. + str := sub(str, 2) // Move the pointer. + mstore(str, strLength) // Write the length. + } + } + + /// @dev Returns the hexadecimal representation of `value`. + /// The output is encoded using 2 hexadecimal digits per byte. + function toHexStringNoPrefix(address value) internal pure returns (string memory str) { + /// @solidity memory-safe-assembly + assembly { + str := mload(0x40) + + // Allocate the memory. + // We need 0x20 bytes for the trailing zeros padding, 0x20 bytes for the length, + // 0x02 bytes for the prefix, and 0x28 bytes for the digits. + // The next multiple of 0x20 above (0x20 + 0x20 + 0x02 + 0x28) is 0x80. + mstore(0x40, add(str, 0x80)) + + // Store "0123456789abcdef" in scratch space. + mstore(0x0f, 0x30313233343536373839616263646566) + + str := add(str, 2) + mstore(str, 40) + + let o := add(str, 0x20) + mstore(add(o, 40), 0) + + value := shl(96, value) + + // We write the string from rightmost digit to leftmost digit. + // The following is essentially a do-while loop that also handles the zero case. + for { let i := 0 } 1 {} { + let p := add(o, add(i, i)) + let temp := byte(i, value) + mstore8(add(p, 1), mload(and(temp, 15))) + mstore8(p, mload(shr(4, temp))) + i := add(i, 1) + if eq(i, 20) { break } + } + } + } + + /// @dev Returns the hex encoded string from the raw bytes. + /// The output is encoded using 2 hexadecimal digits per byte. + function toHexString(bytes memory raw) internal pure returns (string memory str) { + str = toHexStringNoPrefix(raw); + /// @solidity memory-safe-assembly + assembly { + let strLength := add(mload(str), 2) // Compute the length. + mstore(str, 0x3078) // Write the "0x" prefix. + str := sub(str, 2) // Move the pointer. + mstore(str, strLength) // Write the length. + } + } + + /// @dev Returns the hex encoded string from the raw bytes. + /// The output is encoded using 2 hexadecimal digits per byte. + function toHexStringNoPrefix(bytes memory raw) internal pure returns (string memory str) { + /// @solidity memory-safe-assembly + assembly { + let length := mload(raw) + str := add(mload(0x40), 2) // Skip 2 bytes for the optional prefix. + mstore(str, add(length, length)) // Store the length of the output. + + // Store "0123456789abcdef" in scratch space. + mstore(0x0f, 0x30313233343536373839616263646566) + + let o := add(str, 0x20) + let end := add(raw, length) + + for {} iszero(eq(raw, end)) {} { + raw := add(raw, 1) + mstore8(add(o, 1), mload(and(mload(raw), 15))) + mstore8(o, mload(and(shr(4, mload(raw)), 15))) + o := add(o, 2) + } + mstore(o, 0) // Zeroize the slot after the string. + mstore(0x40, add(o, 0x20)) // Allocate the memory. + } + } + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* RUNE STRING OPERATIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Returns the number of UTF characters in the string. + function runeCount(string memory s) internal pure returns (uint256 result) { + /// @solidity memory-safe-assembly + assembly { + if mload(s) { + mstore(0x00, div(not(0), 255)) + mstore(0x20, 0x0202020202020202020202020202020202020202020202020303030304040506) + let o := add(s, 0x20) + let end := add(o, mload(s)) + for { result := 1 } 1 { result := add(result, 1) } { + o := add(o, byte(0, mload(shr(250, mload(o))))) + if iszero(lt(o, end)) { break } + } + } + } + } + + /// @dev Returns if this string is a 7-bit ASCII string. + /// (i.e. all characters codes are in [0..127]) + function is7BitASCII(string memory s) internal pure returns (bool result) { + /// @solidity memory-safe-assembly + assembly { + let mask := shl(7, div(not(0), 255)) + result := 1 + let n := mload(s) + if n { + let o := add(s, 0x20) + let end := add(o, n) + let last := mload(end) + mstore(end, 0) + for {} 1 {} { + if and(mask, mload(o)) { + result := 0 + break + } + o := add(o, 0x20) + if iszero(lt(o, end)) { break } + } + mstore(end, last) + } + } + } + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* BYTE STRING OPERATIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + // For performance and bytecode compactness, byte string operations are restricted + // to 7-bit ASCII strings. All offsets are byte offsets, not UTF character offsets. + // Usage of byte string operations on charsets with runes spanning two or more bytes + // can lead to undefined behavior. + + /// @dev Returns `subject` all occurrences of `search` replaced with `replacement`. + function replace(string memory subject, string memory search, string memory replacement) + internal + pure + returns (string memory result) + { + /// @solidity memory-safe-assembly + assembly { + let subjectLength := mload(subject) + let searchLength := mload(search) + let replacementLength := mload(replacement) + + subject := add(subject, 0x20) + search := add(search, 0x20) + replacement := add(replacement, 0x20) + result := add(mload(0x40), 0x20) + + let subjectEnd := add(subject, subjectLength) + if iszero(gt(searchLength, subjectLength)) { + let subjectSearchEnd := add(sub(subjectEnd, searchLength), 1) + let h := 0 + if iszero(lt(searchLength, 0x20)) { h := keccak256(search, searchLength) } + let m := shl(3, sub(0x20, and(searchLength, 0x1f))) + let s := mload(search) + for {} 1 {} { + let t := mload(subject) + // Whether the first `searchLength % 32` bytes of + // `subject` and `search` matches. + if iszero(shr(m, xor(t, s))) { + if h { + if iszero(eq(keccak256(subject, searchLength), h)) { + mstore(result, t) + result := add(result, 1) + subject := add(subject, 1) + if iszero(lt(subject, subjectSearchEnd)) { break } + continue + } + } + // Copy the `replacement` one word at a time. + for { let o := 0 } 1 {} { + mstore(add(result, o), mload(add(replacement, o))) + o := add(o, 0x20) + if iszero(lt(o, replacementLength)) { break } + } + result := add(result, replacementLength) + subject := add(subject, searchLength) + if searchLength { + if iszero(lt(subject, subjectSearchEnd)) { break } + continue + } + } + mstore(result, t) + result := add(result, 1) + subject := add(subject, 1) + if iszero(lt(subject, subjectSearchEnd)) { break } + } + } + + let resultRemainder := result + result := add(mload(0x40), 0x20) + let k := add(sub(resultRemainder, result), sub(subjectEnd, subject)) + // Copy the rest of the string one word at a time. + for {} lt(subject, subjectEnd) {} { + mstore(resultRemainder, mload(subject)) + resultRemainder := add(resultRemainder, 0x20) + subject := add(subject, 0x20) + } + result := sub(result, 0x20) + let last := add(add(result, 0x20), k) // Zeroize the slot after the string. + mstore(last, 0) + mstore(0x40, add(last, 0x20)) // Allocate the memory. + mstore(result, k) // Store the length. + } + } + + /// @dev Returns the byte index of the first location of `search` in `subject`, + /// searching from left to right, starting from `from`. + /// Returns `NOT_FOUND` (i.e. `type(uint256).max`) if the `search` is not found. + function indexOf(string memory subject, string memory search, uint256 from) + internal + pure + returns (uint256 result) + { + /// @solidity memory-safe-assembly + assembly { + for { let subjectLength := mload(subject) } 1 {} { + if iszero(mload(search)) { + if iszero(gt(from, subjectLength)) { + result := from + break + } + result := subjectLength + break + } + let searchLength := mload(search) + let subjectStart := add(subject, 0x20) + + result := not(0) // Initialize to `NOT_FOUND`. + + subject := add(subjectStart, from) + let end := add(sub(add(subjectStart, subjectLength), searchLength), 1) + + let m := shl(3, sub(0x20, and(searchLength, 0x1f))) + let s := mload(add(search, 0x20)) + + if iszero(and(lt(subject, end), lt(from, subjectLength))) { break } + + if iszero(lt(searchLength, 0x20)) { + for { let h := keccak256(add(search, 0x20), searchLength) } 1 {} { + if iszero(shr(m, xor(mload(subject), s))) { + if eq(keccak256(subject, searchLength), h) { + result := sub(subject, subjectStart) + break + } + } + subject := add(subject, 1) + if iszero(lt(subject, end)) { break } + } + break + } + for {} 1 {} { + if iszero(shr(m, xor(mload(subject), s))) { + result := sub(subject, subjectStart) + break + } + subject := add(subject, 1) + if iszero(lt(subject, end)) { break } + } + break + } + } + } + + /// @dev Returns the byte index of the first location of `search` in `subject`, + /// searching from left to right. + /// Returns `NOT_FOUND` (i.e. `type(uint256).max`) if the `search` is not found. + function indexOf(string memory subject, string memory search) + internal + pure + returns (uint256 result) + { + result = indexOf(subject, search, 0); + } + + /// @dev Returns the byte index of the first location of `search` in `subject`, + /// searching from right to left, starting from `from`. + /// Returns `NOT_FOUND` (i.e. `type(uint256).max`) if the `search` is not found. + function lastIndexOf(string memory subject, string memory search, uint256 from) + internal + pure + returns (uint256 result) + { + /// @solidity memory-safe-assembly + assembly { + for {} 1 {} { + result := not(0) // Initialize to `NOT_FOUND`. + let searchLength := mload(search) + if gt(searchLength, mload(subject)) { break } + let w := result + + let fromMax := sub(mload(subject), searchLength) + if iszero(gt(fromMax, from)) { from := fromMax } + + let end := add(add(subject, 0x20), w) + subject := add(add(subject, 0x20), from) + if iszero(gt(subject, end)) { break } + // As this function is not too often used, + // we shall simply use keccak256 for smaller bytecode size. + for { let h := keccak256(add(search, 0x20), searchLength) } 1 {} { + if eq(keccak256(subject, searchLength), h) { + result := sub(subject, add(end, 1)) + break + } + subject := add(subject, w) // `sub(subject, 1)`. + if iszero(gt(subject, end)) { break } + } + break + } + } + } + + /// @dev Returns the byte index of the first location of `search` in `subject`, + /// searching from right to left. + /// Returns `NOT_FOUND` (i.e. `type(uint256).max`) if the `search` is not found. + function lastIndexOf(string memory subject, string memory search) + internal + pure + returns (uint256 result) + { + result = lastIndexOf(subject, search, uint256(int256(-1))); + } + + /// @dev Returns true if `search` is found in `subject`, false otherwise. + function contains(string memory subject, string memory search) internal pure returns (bool) { + return indexOf(subject, search) != NOT_FOUND; + } + + /// @dev Returns whether `subject` starts with `search`. + function startsWith(string memory subject, string memory search) + internal + pure + returns (bool result) + { + /// @solidity memory-safe-assembly + assembly { + let searchLength := mload(search) + // Just using keccak256 directly is actually cheaper. + // forgefmt: disable-next-item + result := and( + iszero(gt(searchLength, mload(subject))), + eq( + keccak256(add(subject, 0x20), searchLength), + keccak256(add(search, 0x20), searchLength) + ) + ) + } + } + + /// @dev Returns whether `subject` ends with `search`. + function endsWith(string memory subject, string memory search) + internal + pure + returns (bool result) + { + /// @solidity memory-safe-assembly + assembly { + let searchLength := mload(search) + let subjectLength := mload(subject) + // Whether `search` is not longer than `subject`. + let withinRange := iszero(gt(searchLength, subjectLength)) + // Just using keccak256 directly is actually cheaper. + // forgefmt: disable-next-item + result := and( + withinRange, + eq( + keccak256( + // `subject + 0x20 + max(subjectLength - searchLength, 0)`. + add(add(subject, 0x20), mul(withinRange, sub(subjectLength, searchLength))), + searchLength + ), + keccak256(add(search, 0x20), searchLength) + ) + ) + } + } + + /// @dev Returns `subject` repeated `times`. + function repeat(string memory subject, uint256 times) + internal + pure + returns (string memory result) + { + /// @solidity memory-safe-assembly + assembly { + let subjectLength := mload(subject) + if iszero(or(iszero(times), iszero(subjectLength))) { + subject := add(subject, 0x20) + result := mload(0x40) + let output := add(result, 0x20) + for {} 1 {} { + // Copy the `subject` one word at a time. + for { let o := 0 } 1 {} { + mstore(add(output, o), mload(add(subject, o))) + o := add(o, 0x20) + if iszero(lt(o, subjectLength)) { break } + } + output := add(output, subjectLength) + times := sub(times, 1) + if iszero(times) { break } + } + mstore(output, 0) // Zeroize the slot after the string. + let resultLength := sub(output, add(result, 0x20)) + mstore(result, resultLength) // Store the length. + // Allocate the memory. + mstore(0x40, add(result, add(resultLength, 0x20))) + } + } + } + + /// @dev Returns a copy of `subject` sliced from `start` to `end` (exclusive). + /// `start` and `end` are byte offsets. + function slice(string memory subject, uint256 start, uint256 end) + internal + pure + returns (string memory result) + { + /// @solidity memory-safe-assembly + assembly { + let subjectLength := mload(subject) + if iszero(gt(subjectLength, end)) { end := subjectLength } + if iszero(gt(subjectLength, start)) { start := subjectLength } + if lt(start, end) { + result := mload(0x40) + let resultLength := sub(end, start) + mstore(result, resultLength) + subject := add(subject, start) + let w := not(0x1f) + // Copy the `subject` one word at a time, backwards. + for { let o := and(add(resultLength, 0x1f), w) } 1 {} { + mstore(add(result, o), mload(add(subject, o))) + o := add(o, w) // `sub(o, 0x20)`. + if iszero(o) { break } + } + // Zeroize the slot after the string. + mstore(add(add(result, 0x20), resultLength), 0) + // Allocate memory for the length and the bytes, + // rounded up to a multiple of 32. + mstore(0x40, add(result, and(add(resultLength, 0x3f), w))) + } + } + } + + /// @dev Returns a copy of `subject` sliced from `start` to the end of the string. + /// `start` is a byte offset. + function slice(string memory subject, uint256 start) + internal + pure + returns (string memory result) + { + result = slice(subject, start, uint256(int256(-1))); + } + + /// @dev Returns all the indices of `search` in `subject`. + /// The indices are byte offsets. + function indicesOf(string memory subject, string memory search) + internal + pure + returns (uint256[] memory result) + { + /// @solidity memory-safe-assembly + assembly { + let subjectLength := mload(subject) + let searchLength := mload(search) + + if iszero(gt(searchLength, subjectLength)) { + subject := add(subject, 0x20) + search := add(search, 0x20) + result := add(mload(0x40), 0x20) + + let subjectStart := subject + let subjectSearchEnd := add(sub(add(subject, subjectLength), searchLength), 1) + let h := 0 + if iszero(lt(searchLength, 0x20)) { h := keccak256(search, searchLength) } + let m := shl(3, sub(0x20, and(searchLength, 0x1f))) + let s := mload(search) + for {} 1 {} { + let t := mload(subject) + // Whether the first `searchLength % 32` bytes of + // `subject` and `search` matches. + if iszero(shr(m, xor(t, s))) { + if h { + if iszero(eq(keccak256(subject, searchLength), h)) { + subject := add(subject, 1) + if iszero(lt(subject, subjectSearchEnd)) { break } + continue + } + } + // Append to `result`. + mstore(result, sub(subject, subjectStart)) + result := add(result, 0x20) + // Advance `subject` by `searchLength`. + subject := add(subject, searchLength) + if searchLength { + if iszero(lt(subject, subjectSearchEnd)) { break } + continue + } + } + subject := add(subject, 1) + if iszero(lt(subject, subjectSearchEnd)) { break } + } + let resultEnd := result + // Assign `result` to the free memory pointer. + result := mload(0x40) + // Store the length of `result`. + mstore(result, shr(5, sub(resultEnd, add(result, 0x20)))) + // Allocate memory for result. + // We allocate one more word, so this array can be recycled for {split}. + mstore(0x40, add(resultEnd, 0x20)) + } + } + } + + /// @dev Returns a arrays of strings based on the `delimiter` inside of the `subject` string. + function split(string memory subject, string memory delimiter) + internal + pure + returns (string[] memory result) + { + uint256[] memory indices = indicesOf(subject, delimiter); + /// @solidity memory-safe-assembly + assembly { + let w := not(0x1f) + let indexPtr := add(indices, 0x20) + let indicesEnd := add(indexPtr, shl(5, add(mload(indices), 1))) + mstore(add(indicesEnd, w), mload(subject)) + mstore(indices, add(mload(indices), 1)) + let prevIndex := 0 + for {} 1 {} { + let index := mload(indexPtr) + mstore(indexPtr, 0x60) + if iszero(eq(index, prevIndex)) { + let element := mload(0x40) + let elementLength := sub(index, prevIndex) + mstore(element, elementLength) + // Copy the `subject` one word at a time, backwards. + for { let o := and(add(elementLength, 0x1f), w) } 1 {} { + mstore(add(element, o), mload(add(add(subject, prevIndex), o))) + o := add(o, w) // `sub(o, 0x20)`. + if iszero(o) { break } + } + // Zeroize the slot after the string. + mstore(add(add(element, 0x20), elementLength), 0) + // Allocate memory for the length and the bytes, + // rounded up to a multiple of 32. + mstore(0x40, add(element, and(add(elementLength, 0x3f), w))) + // Store the `element` into the array. + mstore(indexPtr, element) + } + prevIndex := add(index, mload(delimiter)) + indexPtr := add(indexPtr, 0x20) + if iszero(lt(indexPtr, indicesEnd)) { break } + } + result := indices + if iszero(mload(delimiter)) { + result := add(indices, 0x20) + mstore(result, sub(mload(indices), 2)) + } + } + } + + /// @dev Returns a concatenated string of `a` and `b`. + /// Cheaper than `string.concat()` and does not de-align the free memory pointer. + function concat(string memory a, string memory b) + internal + pure + returns (string memory result) + { + /// @solidity memory-safe-assembly + assembly { + let w := not(0x1f) + result := mload(0x40) + let aLength := mload(a) + // Copy `a` one word at a time, backwards. + for { let o := and(add(aLength, 0x20), w) } 1 {} { + mstore(add(result, o), mload(add(a, o))) + o := add(o, w) // `sub(o, 0x20)`. + if iszero(o) { break } + } + let bLength := mload(b) + let output := add(result, aLength) + // Copy `b` one word at a time, backwards. + for { let o := and(add(bLength, 0x20), w) } 1 {} { + mstore(add(output, o), mload(add(b, o))) + o := add(o, w) // `sub(o, 0x20)`. + if iszero(o) { break } + } + let totalLength := add(aLength, bLength) + let last := add(add(result, 0x20), totalLength) + // Zeroize the slot after the string. + mstore(last, 0) + // Stores the length. + mstore(result, totalLength) + // Allocate memory for the length and the bytes, + // rounded up to a multiple of 32. + mstore(0x40, and(add(last, 0x1f), w)) + } + } + + /// @dev Returns a copy of the string in either lowercase or UPPERCASE. + /// WARNING! This function is only compatible with 7-bit ASCII strings. + function toCase(string memory subject, bool toUpper) + internal + pure + returns (string memory result) + { + /// @solidity memory-safe-assembly + assembly { + let length := mload(subject) + if length { + result := add(mload(0x40), 0x20) + subject := add(subject, 1) + let flags := shl(add(70, shl(5, toUpper)), 0x3ffffff) + let w := not(0) + for { let o := length } 1 {} { + o := add(o, w) + let b := and(0xff, mload(add(subject, o))) + mstore8(add(result, o), xor(b, and(shr(b, flags), 0x20))) + if iszero(o) { break } + } + result := mload(0x40) + mstore(result, length) // Store the length. + let last := add(add(result, 0x20), length) + mstore(last, 0) // Zeroize the slot after the string. + mstore(0x40, add(last, 0x20)) // Allocate the memory. + } + } + } + + /// @dev Returns a string from a small bytes32 string. + /// `s` must be null-terminated, or behavior will be undefined. + function fromSmallString(bytes32 s) internal pure returns (string memory result) { + /// @solidity memory-safe-assembly + assembly { + result := mload(0x40) + let n := 0 + for {} byte(n, s) { n := add(n, 1) } {} // Scan for '\0'. + mstore(result, n) + let o := add(result, 0x20) + mstore(o, s) + mstore(add(o, n), 0) + mstore(0x40, add(result, 0x40)) + } + } + + /// @dev Returns the small string, with all bytes after the first null byte zeroized. + function normalizeSmallString(bytes32 s) internal pure returns (bytes32 result) { + /// @solidity memory-safe-assembly + assembly { + for {} byte(result, s) { result := add(result, 1) } {} // Scan for '\0'. + mstore(0x00, s) + mstore(result, 0x00) + result := mload(0x00) + } + } + + /// @dev Returns the string as a normalized null-terminated small string. + function toSmallString(string memory s) internal pure returns (bytes32 result) { + /// @solidity memory-safe-assembly + assembly { + result := mload(s) + if iszero(lt(result, 33)) { + mstore(0x00, 0xec92f9a3) // `TooBigForSmallString()`. + revert(0x1c, 0x04) + } + result := shl(shl(3, sub(32, result)), mload(add(s, result))) + } + } + + /// @dev Returns a lowercased copy of the string. + /// WARNING! This function is only compatible with 7-bit ASCII strings. + function lower(string memory subject) internal pure returns (string memory result) { + result = toCase(subject, false); + } + + /// @dev Returns an UPPERCASED copy of the string. + /// WARNING! This function is only compatible with 7-bit ASCII strings. + function upper(string memory subject) internal pure returns (string memory result) { + result = toCase(subject, true); + } + + /// @dev Escapes the string to be used within HTML tags. + function escapeHTML(string memory s) internal pure returns (string memory result) { + /// @solidity memory-safe-assembly + assembly { + let end := add(s, mload(s)) + result := add(mload(0x40), 0x20) + // Store the bytes of the packed offsets and strides into the scratch space. + // `packed = (stride << 5) | offset`. Max offset is 20. Max stride is 6. + mstore(0x1f, 0x900094) + mstore(0x08, 0xc0000000a6ab) + // Store ""&'<>" into the scratch space. + mstore(0x00, shl(64, 0x2671756f743b26616d703b262333393b266c743b2667743b)) + for {} iszero(eq(s, end)) {} { + s := add(s, 1) + let c := and(mload(s), 0xff) + // Not in `["\"","'","&","<",">"]`. + if iszero(and(shl(c, 1), 0x500000c400000000)) { + mstore8(result, c) + result := add(result, 1) + continue + } + let t := shr(248, mload(c)) + mstore(result, mload(and(t, 0x1f))) + result := add(result, shr(5, t)) + } + let last := result + mstore(last, 0) // Zeroize the slot after the string. + result := mload(0x40) + mstore(result, sub(last, add(result, 0x20))) // Store the length. + mstore(0x40, add(last, 0x20)) // Allocate the memory. + } + } + + /// @dev Escapes the string to be used within double-quotes in a JSON. + /// If `addDoubleQuotes` is true, the result will be enclosed in double-quotes. + function escapeJSON(string memory s, bool addDoubleQuotes) + internal + pure + returns (string memory result) + { + /// @solidity memory-safe-assembly + assembly { + let end := add(s, mload(s)) + result := add(mload(0x40), 0x20) + if addDoubleQuotes { + mstore8(result, 34) + result := add(1, result) + } + // Store "\\u0000" in scratch space. + // Store "0123456789abcdef" in scratch space. + // Also, store `{0x08:"b", 0x09:"t", 0x0a:"n", 0x0c:"f", 0x0d:"r"}`. + // into the scratch space. + mstore(0x15, 0x5c75303030303031323334353637383961626364656662746e006672) + // Bitmask for detecting `["\"","\\"]`. + let e := or(shl(0x22, 1), shl(0x5c, 1)) + for {} iszero(eq(s, end)) {} { + s := add(s, 1) + let c := and(mload(s), 0xff) + if iszero(lt(c, 0x20)) { + if iszero(and(shl(c, 1), e)) { + // Not in `["\"","\\"]`. + mstore8(result, c) + result := add(result, 1) + continue + } + mstore8(result, 0x5c) // "\\". + mstore8(add(result, 1), c) + result := add(result, 2) + continue + } + if iszero(and(shl(c, 1), 0x3700)) { + // Not in `["\b","\t","\n","\f","\d"]`. + mstore8(0x1d, mload(shr(4, c))) // Hex value. + mstore8(0x1e, mload(and(c, 15))) // Hex value. + mstore(result, mload(0x19)) // "\\u00XX". + result := add(result, 6) + continue + } + mstore8(result, 0x5c) // "\\". + mstore8(add(result, 1), mload(add(c, 8))) + result := add(result, 2) + } + if addDoubleQuotes { + mstore8(result, 34) + result := add(1, result) + } + let last := result + mstore(last, 0) // Zeroize the slot after the string. + result := mload(0x40) + mstore(result, sub(last, add(result, 0x20))) // Store the length. + mstore(0x40, add(last, 0x20)) // Allocate the memory. + } + } + + /// @dev Escapes the string to be used within double-quotes in a JSON. + function escapeJSON(string memory s) internal pure returns (string memory result) { + result = escapeJSON(s, false); + } + + /// @dev Returns whether `a` equals `b`. + function eq(string memory a, string memory b) internal pure returns (bool result) { + /// @solidity memory-safe-assembly + assembly { + result := eq(keccak256(add(a, 0x20), mload(a)), keccak256(add(b, 0x20), mload(b))) + } + } + + /// @dev Returns whether `a` equals `b`, where `b` is a null-terminated small string. + function eqs(string memory a, bytes32 b) internal pure returns (bool result) { + /// @solidity memory-safe-assembly + assembly { + // These should be evaluated on compile time, as far as possible. + let m := not(shl(7, div(not(iszero(b)), 255))) // `0x7f7f ...`. + let x := not(or(m, or(b, add(m, and(b, m))))) + let r := shl(7, iszero(iszero(shr(128, x)))) + r := or(r, shl(6, iszero(iszero(shr(64, shr(r, x)))))) + r := or(r, shl(5, lt(0xffffffff, shr(r, x)))) + r := or(r, shl(4, lt(0xffff, shr(r, x)))) + r := or(r, shl(3, lt(0xff, shr(r, x)))) + // forgefmt: disable-next-item + result := gt(eq(mload(a), add(iszero(x), xor(31, shr(3, r)))), + xor(shr(add(8, r), b), shr(add(8, r), mload(add(a, 0x20))))) + } + } + + /// @dev Packs a single string with its length into a single word. + /// Returns `bytes32(0)` if the length is zero or greater than 31. + function packOne(string memory a) internal pure returns (bytes32 result) { + /// @solidity memory-safe-assembly + assembly { + // We don't need to zero right pad the string, + // since this is our own custom non-standard packing scheme. + result := + mul( + // Load the length and the bytes. + mload(add(a, 0x1f)), + // `length != 0 && length < 32`. Abuses underflow. + // Assumes that the length is valid and within the block gas limit. + lt(sub(mload(a), 1), 0x1f) + ) + } + } + + /// @dev Unpacks a string packed using {packOne}. + /// Returns the empty string if `packed` is `bytes32(0)`. + /// If `packed` is not an output of {packOne}, the output behavior is undefined. + function unpackOne(bytes32 packed) internal pure returns (string memory result) { + /// @solidity memory-safe-assembly + assembly { + // Grab the free memory pointer. + result := mload(0x40) + // Allocate 2 words (1 for the length, 1 for the bytes). + mstore(0x40, add(result, 0x40)) + // Zeroize the length slot. + mstore(result, 0) + // Store the length and bytes. + mstore(add(result, 0x1f), packed) + // Right pad with zeroes. + mstore(add(add(result, 0x20), mload(result)), 0) + } + } + + /// @dev Packs two strings with their lengths into a single word. + /// Returns `bytes32(0)` if combined length is zero or greater than 30. + function packTwo(string memory a, string memory b) internal pure returns (bytes32 result) { + /// @solidity memory-safe-assembly + assembly { + let aLength := mload(a) + // We don't need to zero right pad the strings, + // since this is our own custom non-standard packing scheme. + result := + mul( + // Load the length and the bytes of `a` and `b`. + or( + shl(shl(3, sub(0x1f, aLength)), mload(add(a, aLength))), + mload(sub(add(b, 0x1e), aLength)) + ), + // `totalLength != 0 && totalLength < 31`. Abuses underflow. + // Assumes that the lengths are valid and within the block gas limit. + lt(sub(add(aLength, mload(b)), 1), 0x1e) + ) + } + } + + /// @dev Unpacks strings packed using {packTwo}. + /// Returns the empty strings if `packed` is `bytes32(0)`. + /// If `packed` is not an output of {packTwo}, the output behavior is undefined. + function unpackTwo(bytes32 packed) + internal + pure + returns (string memory resultA, string memory resultB) + { + /// @solidity memory-safe-assembly + assembly { + // Grab the free memory pointer. + resultA := mload(0x40) + resultB := add(resultA, 0x40) + // Allocate 2 words for each string (1 for the length, 1 for the byte). Total 4 words. + mstore(0x40, add(resultB, 0x40)) + // Zeroize the length slots. + mstore(resultA, 0) + mstore(resultB, 0) + // Store the lengths and bytes. + mstore(add(resultA, 0x1f), packed) + mstore(add(resultB, 0x1f), mload(add(add(resultA, 0x20), mload(resultA)))) + // Right pad with zeroes. + mstore(add(add(resultA, 0x20), mload(resultA)), 0) + mstore(add(add(resultB, 0x20), mload(resultB)), 0) + } + } + + /// @dev Directly returns `a` without copying. + function directReturn(string memory a) internal pure { + assembly { + // Assumes that the string does not start from the scratch space. + let retStart := sub(a, 0x20) + let retSize := add(mload(a), 0x40) + // Right pad with zeroes. Just in case the string is produced + // by a method that doesn't zero right pad. + mstore(add(retStart, retSize), 0) + // Store the return offset. + mstore(retStart, 0x20) + // End the transaction, returning the string. + return(retStart, retSize) + } + } +} + +library SafeTransferLib { + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* CUSTOM ERRORS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev The ETH transfer has failed. + error ETHTransferFailed(); + + /// @dev The ERC20 `transferFrom` has failed. + error TransferFromFailed(); + + /// @dev The ERC20 `transfer` has failed. + error TransferFailed(); + + /// @dev The ERC20 `approve` has failed. + error ApproveFailed(); + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* CONSTANTS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Suggested gas stipend for contract receiving ETH that disallows any storage writes. + uint256 internal constant GAS_STIPEND_NO_STORAGE_WRITES = 2300; + + /// @dev Suggested gas stipend for contract receiving ETH to perform a few + /// storage reads and writes, but low enough to prevent griefing. + uint256 internal constant GAS_STIPEND_NO_GRIEF = 100000; + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* ETH OPERATIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + // If the ETH transfer MUST succeed with a reasonable gas budget, use the force variants. + // + // The regular variants: + // - Forwards all remaining gas to the target. + // - Reverts if the target reverts. + // - Reverts if the current contract has insufficient balance. + // + // The force variants: + // - Forwards with an optional gas stipend + // (defaults to `GAS_STIPEND_NO_GRIEF`, which is sufficient for most cases). + // - If the target reverts, or if the gas stipend is exhausted, + // creates a temporary contract to force send the ETH via `SELFDESTRUCT`. + // Future compatible with `SENDALL`: https://eips.ethereum.org/EIPS/eip-4758. + // - Reverts if the current contract has insufficient balance. + // + // The try variants: + // - Forwards with a mandatory gas stipend. + // - Instead of reverting, returns whether the transfer succeeded. + + /// @dev Sends `amount` (in wei) ETH to `to`. + function safeTransferETH(address to, uint256 amount) internal { + /// @solidity memory-safe-assembly + assembly { + if iszero(call(gas(), to, amount, codesize(), 0x00, codesize(), 0x00)) { + mstore(0x00, 0xb12d13eb) // `ETHTransferFailed()`. + revert(0x1c, 0x04) + } + } + } + + /// @dev Sends all the ETH in the current contract to `to`. + function safeTransferAllETH(address to) internal { + /// @solidity memory-safe-assembly + assembly { + // Transfer all the ETH and check if it succeeded or not. + if iszero(call(gas(), to, selfbalance(), codesize(), 0x00, codesize(), 0x00)) { + mstore(0x00, 0xb12d13eb) // `ETHTransferFailed()`. + revert(0x1c, 0x04) + } + } + } + + /// @dev Force sends `amount` (in wei) ETH to `to`, with a `gasStipend`. + function forceSafeTransferETH(address to, uint256 amount, uint256 gasStipend) internal { + /// @solidity memory-safe-assembly + assembly { + if lt(selfbalance(), amount) { + mstore(0x00, 0xb12d13eb) // `ETHTransferFailed()`. + revert(0x1c, 0x04) + } + if iszero(call(gasStipend, to, amount, codesize(), 0x00, codesize(), 0x00)) { + mstore(0x00, to) // Store the address in scratch space. + mstore8(0x0b, 0x73) // Opcode `PUSH20`. + mstore8(0x20, 0xff) // Opcode `SELFDESTRUCT`. + if iszero(create(amount, 0x0b, 0x16)) { revert(codesize(), codesize()) } // For gas estimation. + } + } + } + + /// @dev Force sends all the ETH in the current contract to `to`, with a `gasStipend`. + function forceSafeTransferAllETH(address to, uint256 gasStipend) internal { + /// @solidity memory-safe-assembly + assembly { + if iszero(call(gasStipend, to, selfbalance(), codesize(), 0x00, codesize(), 0x00)) { + mstore(0x00, to) // Store the address in scratch space. + mstore8(0x0b, 0x73) // Opcode `PUSH20`. + mstore8(0x20, 0xff) // Opcode `SELFDESTRUCT`. + if iszero(create(selfbalance(), 0x0b, 0x16)) { revert(codesize(), codesize()) } // For gas estimation. + } + } + } + + /// @dev Force sends `amount` (in wei) ETH to `to`, with `GAS_STIPEND_NO_GRIEF`. + function forceSafeTransferETH(address to, uint256 amount) internal { + /// @solidity memory-safe-assembly + assembly { + if lt(selfbalance(), amount) { + mstore(0x00, 0xb12d13eb) // `ETHTransferFailed()`. + revert(0x1c, 0x04) + } + if iszero(call(GAS_STIPEND_NO_GRIEF, to, amount, codesize(), 0x00, codesize(), 0x00)) { + mstore(0x00, to) // Store the address in scratch space. + mstore8(0x0b, 0x73) // Opcode `PUSH20`. + mstore8(0x20, 0xff) // Opcode `SELFDESTRUCT`. + if iszero(create(amount, 0x0b, 0x16)) { revert(codesize(), codesize()) } // For gas estimation. + } + } + } + + /// @dev Force sends all the ETH in the current contract to `to`, with `GAS_STIPEND_NO_GRIEF`. + function forceSafeTransferAllETH(address to) internal { + /// @solidity memory-safe-assembly + assembly { + // forgefmt: disable-next-item + if iszero(call(GAS_STIPEND_NO_GRIEF, to, selfbalance(), codesize(), 0x00, codesize(), 0x00)) { + mstore(0x00, to) // Store the address in scratch space. + mstore8(0x0b, 0x73) // Opcode `PUSH20`. + mstore8(0x20, 0xff) // Opcode `SELFDESTRUCT`. + if iszero(create(selfbalance(), 0x0b, 0x16)) { revert(codesize(), codesize()) } // For gas estimation. + } + } + } + + /// @dev Sends `amount` (in wei) ETH to `to`, with a `gasStipend`. + function trySafeTransferETH(address to, uint256 amount, uint256 gasStipend) + internal + returns (bool success) + { + /// @solidity memory-safe-assembly + assembly { + success := call(gasStipend, to, amount, codesize(), 0x00, codesize(), 0x00) + } + } + + /// @dev Sends all the ETH in the current contract to `to`, with a `gasStipend`. + function trySafeTransferAllETH(address to, uint256 gasStipend) + internal + returns (bool success) + { + /// @solidity memory-safe-assembly + assembly { + success := call(gasStipend, to, selfbalance(), codesize(), 0x00, codesize(), 0x00) + } + } + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* ERC20 OPERATIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Sends `amount` of ERC20 `token` from `from` to `to`. + /// Reverts upon failure. + /// + /// The `from` account must have at least `amount` approved for + /// the current contract to manage. + function safeTransferFrom(address token, address from, address to, uint256 amount) internal { + /// @solidity memory-safe-assembly + assembly { + let m := mload(0x40) // Cache the free memory pointer. + mstore(0x60, amount) // Store the `amount` argument. + mstore(0x40, to) // Store the `to` argument. + mstore(0x2c, shl(96, from)) // Store the `from` argument. + mstore(0x0c, 0x23b872dd000000000000000000000000) // `transferFrom(address,address,uint256)`. + // Perform the transfer, reverting upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + or(eq(mload(0x00), 1), iszero(returndatasize())), // Returned 1 or nothing. + call(gas(), token, 0, 0x1c, 0x64, 0x00, 0x20) + ) + ) { + mstore(0x00, 0x7939f424) // `TransferFromFailed()`. + revert(0x1c, 0x04) + } + mstore(0x60, 0) // Restore the zero slot to zero. + mstore(0x40, m) // Restore the free memory pointer. + } + } + + /// @dev Sends all of ERC20 `token` from `from` to `to`. + /// Reverts upon failure. + /// + /// The `from` account must have their entire balance approved for + /// the current contract to manage. + function safeTransferAllFrom(address token, address from, address to) + internal + returns (uint256 amount) + { + /// @solidity memory-safe-assembly + assembly { + let m := mload(0x40) // Cache the free memory pointer. + mstore(0x40, to) // Store the `to` argument. + mstore(0x2c, shl(96, from)) // Store the `from` argument. + mstore(0x0c, 0x70a08231000000000000000000000000) // `balanceOf(address)`. + // Read the balance, reverting upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + gt(returndatasize(), 0x1f), // At least 32 bytes returned. + staticcall(gas(), token, 0x1c, 0x24, 0x60, 0x20) + ) + ) { + mstore(0x00, 0x7939f424) // `TransferFromFailed()`. + revert(0x1c, 0x04) + } + mstore(0x00, 0x23b872dd) // `transferFrom(address,address,uint256)`. + amount := mload(0x60) // The `amount` is already at 0x60. We'll need to return it. + // Perform the transfer, reverting upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + or(eq(mload(0x00), 1), iszero(returndatasize())), // Returned 1 or nothing. + call(gas(), token, 0, 0x1c, 0x64, 0x00, 0x20) + ) + ) { + mstore(0x00, 0x7939f424) // `TransferFromFailed()`. + revert(0x1c, 0x04) + } + mstore(0x60, 0) // Restore the zero slot to zero. + mstore(0x40, m) // Restore the free memory pointer. + } + } + + /// @dev Sends `amount` of ERC20 `token` from the current contract to `to`. + /// Reverts upon failure. + function safeTransfer(address token, address to, uint256 amount) internal { + /// @solidity memory-safe-assembly + assembly { + mstore(0x14, to) // Store the `to` argument. + mstore(0x34, amount) // Store the `amount` argument. + mstore(0x00, 0xa9059cbb000000000000000000000000) // `transfer(address,uint256)`. + // Perform the transfer, reverting upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + or(eq(mload(0x00), 1), iszero(returndatasize())), // Returned 1 or nothing. + call(gas(), token, 0, 0x10, 0x44, 0x00, 0x20) + ) + ) { + mstore(0x00, 0x90b8ec18) // `TransferFailed()`. + revert(0x1c, 0x04) + } + mstore(0x34, 0) // Restore the part of the free memory pointer that was overwritten. + } + } + + /// @dev Sends all of ERC20 `token` from the current contract to `to`. + /// Reverts upon failure. + function safeTransferAll(address token, address to) internal returns (uint256 amount) { + /// @solidity memory-safe-assembly + assembly { + mstore(0x00, 0x70a08231) // Store the function selector of `balanceOf(address)`. + mstore(0x20, address()) // Store the address of the current contract. + // Read the balance, reverting upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + gt(returndatasize(), 0x1f), // At least 32 bytes returned. + staticcall(gas(), token, 0x1c, 0x24, 0x34, 0x20) + ) + ) { + mstore(0x00, 0x90b8ec18) // `TransferFailed()`. + revert(0x1c, 0x04) + } + mstore(0x14, to) // Store the `to` argument. + amount := mload(0x34) // The `amount` is already at 0x34. We'll need to return it. + mstore(0x00, 0xa9059cbb000000000000000000000000) // `transfer(address,uint256)`. + // Perform the transfer, reverting upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + or(eq(mload(0x00), 1), iszero(returndatasize())), // Returned 1 or nothing. + call(gas(), token, 0, 0x10, 0x44, 0x00, 0x20) + ) + ) { + mstore(0x00, 0x90b8ec18) // `TransferFailed()`. + revert(0x1c, 0x04) + } + mstore(0x34, 0) // Restore the part of the free memory pointer that was overwritten. + } + } + + /// @dev Sets `amount` of ERC20 `token` for `to` to manage on behalf of the current contract. + /// Reverts upon failure. + function safeApprove(address token, address to, uint256 amount) internal { + /// @solidity memory-safe-assembly + assembly { + mstore(0x14, to) // Store the `to` argument. + mstore(0x34, amount) // Store the `amount` argument. + mstore(0x00, 0x095ea7b3000000000000000000000000) // `approve(address,uint256)`. + // Perform the approval, reverting upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + or(eq(mload(0x00), 1), iszero(returndatasize())), // Returned 1 or nothing. + call(gas(), token, 0, 0x10, 0x44, 0x00, 0x20) + ) + ) { + mstore(0x00, 0x3e3f8f73) // `ApproveFailed()`. + revert(0x1c, 0x04) + } + mstore(0x34, 0) // Restore the part of the free memory pointer that was overwritten. + } + } + + /// @dev Sets `amount` of ERC20 `token` for `to` to manage on behalf of the current contract. + /// If the initial attempt to approve fails, attempts to reset the approved amount to zero, + /// then retries the approval again (some tokens, e.g. USDT, requires this). + /// Reverts upon failure. + function safeApproveWithRetry(address token, address to, uint256 amount) internal { + /// @solidity memory-safe-assembly + assembly { + mstore(0x14, to) // Store the `to` argument. + mstore(0x34, amount) // Store the `amount` argument. + mstore(0x00, 0x095ea7b3000000000000000000000000) // `approve(address,uint256)`. + // Perform the approval, retrying upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + or(eq(mload(0x00), 1), iszero(returndatasize())), // Returned 1 or nothing. + call(gas(), token, 0, 0x10, 0x44, 0x00, 0x20) + ) + ) { + mstore(0x34, 0) // Store 0 for the `amount`. + mstore(0x00, 0x095ea7b3000000000000000000000000) // `approve(address,uint256)`. + pop(call(gas(), token, 0, 0x10, 0x44, codesize(), 0x00)) // Reset the approval. + mstore(0x34, amount) // Store back the original `amount`. + // Retry the approval, reverting upon failure. + if iszero( + and( + or(eq(mload(0x00), 1), iszero(returndatasize())), // Returned 1 or nothing. + call(gas(), token, 0, 0x10, 0x44, 0x00, 0x20) + ) + ) { + mstore(0x00, 0x3e3f8f73) // `ApproveFailed()`. + revert(0x1c, 0x04) + } + } + mstore(0x34, 0) // Restore the part of the free memory pointer that was overwritten. + } + } + + /// @dev Returns the amount of ERC20 `token` owned by `account`. + /// Returns zero if the `token` does not exist. + function balanceOf(address token, address account) internal view returns (uint256 amount) { + /// @solidity memory-safe-assembly + assembly { + mstore(0x14, account) // Store the `account` argument. + mstore(0x00, 0x70a08231000000000000000000000000) // `balanceOf(address)`. + amount := + mul( + mload(0x20), + and( // The arguments of `and` are evaluated from right to left. + gt(returndatasize(), 0x1f), // At least 32 bytes returned. + staticcall(gas(), token, 0x10, 0x24, 0x20, 0x20) + ) + ) + } + } +} + +library MerkleProofLib { + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* MERKLE PROOF VERIFICATION OPERATIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Returns whether `leaf` exists in the Merkle tree with `root`, given `proof`. + function verify(bytes32[] memory proof, bytes32 root, bytes32 leaf) + internal + pure + returns (bool isValid) + { + /// @solidity memory-safe-assembly + assembly { + if mload(proof) { + // Initialize `offset` to the offset of `proof` elements in memory. + let offset := add(proof, 0x20) + // Left shift by 5 is equivalent to multiplying by 0x20. + let end := add(offset, shl(5, mload(proof))) + // Iterate over proof elements to compute root hash. + for {} 1 {} { + // Slot of `leaf` in scratch space. + // If the condition is true: 0x20, otherwise: 0x00. + let scratch := shl(5, gt(leaf, mload(offset))) + // Store elements to hash contiguously in scratch space. + // Scratch space is 64 bytes (0x00 - 0x3f) and both elements are 32 bytes. + mstore(scratch, leaf) + mstore(xor(scratch, 0x20), mload(offset)) + // Reuse `leaf` to store the hash to reduce stack operations. + leaf := keccak256(0x00, 0x40) + offset := add(offset, 0x20) + if iszero(lt(offset, end)) { break } + } + } + isValid := eq(leaf, root) + } + } + + /// @dev Returns whether `leaf` exists in the Merkle tree with `root`, given `proof`. + function verifyCalldata(bytes32[] calldata proof, bytes32 root, bytes32 leaf) + internal + pure + returns (bool isValid) + { + /// @solidity memory-safe-assembly + assembly { + if proof.length { + // Left shift by 5 is equivalent to multiplying by 0x20. + let end := add(proof.offset, shl(5, proof.length)) + // Initialize `offset` to the offset of `proof` in the calldata. + let offset := proof.offset + // Iterate over proof elements to compute root hash. + for {} + +// SPDX-License-Identifier: MIT +/** + * @title NFTMintDN404 + * @notice Sample DN404 contract that demonstrates the owner selling NFTs rather than the fungible token. + * The underlying call still mints ERC20 tokens, but to the end user it'll appear as a standard NFT mint. + * Each address is limited to MAX_PER_WALLET total mints. + */ +contract NFTMintDN404 is DN404, Ownable { + string private _name; + string private _symbol; + string private _baseURI; + bytes32 private _allowlistRoot; + uint96 public publicPrice; // uint96 is sufficient to represent all ETH in existence. + uint96 public allowlistPrice; // uint96 is sufficient to represent all ETH in existence. + uint32 public totalMinted; // DN404 only supports up to `2**32 - 2` tokens. + bool public live; + + uint32 public constant MAX_PER_WALLET = 5; + uint32 public constant MAX_SUPPLY = 5000; + + error InvalidProof(); + error InvalidMint(); + error InvalidPrice(); + error TotalSupplyReached(); + error NotLive(); + + constructor( + string memory name_, + string memory symbol_, + bytes32 allowlistRoot_, + uint96 publicPrice_, + uint96 allowlistPrice_, + uint96 initialTokenSupply, + address initialSupplyOwner + ) { + _initializeOwner(msg.sender); + + _name = name_; + _symbol = symbol_; + _allowlistRoot = allowlistRoot_; + publicPrice = publicPrice_; + allowlistPrice = allowlistPrice_; + + address mirror = address(new DN404Mirror(msg.sender)); + _initializeDN404(initialTokenSupply, initialSupplyOwner, mirror); + } + + modifier onlyLive() { + if (!live) { + revert NotLive(); + } + _; + } + + modifier checkPrice(uint256 price, uint256 nftAmount) { + if (price * nftAmount != msg.value) { + revert InvalidPrice(); + } + _; + } + + modifier checkAndUpdateTotalMinted(uint256 nftAmount) { + uint256 newTotalMinted = uint256(totalMinted) + nftAmount; + if (newTotalMinted > MAX_SUPPLY) { + revert TotalSupplyReached(); + } + totalMinted = uint32(newTotalMinted); + _; + } + + modifier checkAndUpdateBuyerMintCount(uint256 nftAmount) { + uint256 currentMintCount = _getAux(msg.sender); + uint256 newMintCount = currentMintCount + nftAmount; + if (newMintCount > MAX_PER_WALLET) { + revert InvalidMint(); + } + _setAux(msg.sender, uint88(newMintCount)); + _; + } + + function mint(uint256 nftAmount) + public + payable + onlyLive + checkPrice(publicPrice, nftAmount) + checkAndUpdateBuyerMintCount(nftAmount) + checkAndUpdateTotalMinted(nftAmount) + { + _mint(msg.sender, nftAmount * _unit()); + } + + function allowlistMint(uint256 nftAmount, bytes32[] calldata proof) + public + payable + onlyLive + checkPrice(allowlistPrice, nftAmount) + checkAndUpdateBuyerMintCount(nftAmount) + checkAndUpdateTotalMinted(nftAmount) + { + bytes32 leaf = keccak256(abi.encodePacked(msg.sender)); + if (!MerkleProofLib.verifyCalldata(proof, _allowlistRoot, leaf)) { + revert InvalidProof(); + } + _mint(msg.sender, nftAmount * _unit()); + } + + function setBaseURI(string calldata baseURI_) public onlyOwner { + _baseURI = baseURI_; + } + + function setPrices(uint96 publicPrice_, uint96 allowlistPrice_) public onlyOwner { + publicPrice = publicPrice_; + allowlistPrice = allowlistPrice_; + } + + function toggleLive() public onlyOwner { + live = !live; + } + + function withdraw() public onlyOwner { + SafeTransferLib.safeTransferAllETH(msg.sender); + } + + function name() public view override returns (string memory) { + return _name; + } + + function symbol() public view override returns (string memory) { + return _symbol; + } + + function tokenURI(uint256 tokenId) public view override returns (string memory result) { + if (bytes(_baseURI).length != 0) { + result = string(abi.encodePacked(_baseURI, LibString.toString(tokenId))); + } + } +} \ No newline at end of file diff --git a/packages/hardhat/contracts/SimpleDN404_merged.sol b/packages/hardhat/contracts/SimpleDN404_merged.sol new file mode 100644 index 0000000..014018c --- /dev/null +++ b/packages/hardhat/contracts/SimpleDN404_merged.sol @@ -0,0 +1,3899 @@ +pragma solidity ^0.8.4; + + +// SPDX-License-Identifier: MIT +/// @title DN404 +/// @notice DN404 is a hybrid ERC20 and ERC721 implementation that mints +/// and burns NFTs based on an account's ERC20 token balance. +/// +/// @author vectorized.eth (@optimizoor) +/// @author Quit (@0xQuit) +/// @author Michael Amadi (@AmadiMichaels) +/// @author cygaar (@0xCygaar) +/// @author Thomas (@0xjustadev) +/// @author Harrison (@PopPunkOnChain) +/// +/// @dev Note: +/// - The ERC721 data is stored in this base DN404 contract, however a +/// DN404Mirror contract ***MUST*** be deployed and linked during +/// initialization. +abstract contract DN404 { + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* EVENTS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Emitted when `amount` tokens is transferred from `from` to `to`. + event Transfer(address indexed from, address indexed to, uint256 amount); + + /// @dev Emitted when `amount` tokens is approved by `owner` to be used by `spender`. + event Approval(address indexed owner, address indexed spender, uint256 amount); + + /// @dev Emitted when `target` sets their skipNFT flag to `status`. + event SkipNFTSet(address indexed target, bool status); + + /// @dev `keccak256(bytes("Transfer(address,address,uint256)"))`. + uint256 private constant _TRANSFER_EVENT_SIGNATURE = + 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef; + + /// @dev `keccak256(bytes("Approval(address,address,uint256)"))`. + uint256 private constant _APPROVAL_EVENT_SIGNATURE = + 0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925; + + /// @dev `keccak256(bytes("SkipNFTSet(address,bool)"))`. + uint256 private constant _SKIP_NFT_SET_EVENT_SIGNATURE = + 0xb5a1de456fff688115a4f75380060c23c8532d14ff85f687cc871456d6420393; + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* CUSTOM ERRORS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Thrown when attempting to double-initialize the contract. + error DNAlreadyInitialized(); + + /// @dev Thrown when attempting to transfer or burn more tokens than sender's balance. + error InsufficientBalance(); + + /// @dev Thrown when a spender attempts to transfer tokens with an insufficient allowance. + error InsufficientAllowance(); + + /// @dev Thrown when minting an amount of tokens that would overflow the max tokens. + error TotalSupplyOverflow(); + + /// @dev The unit cannot be zero. + error UnitIsZero(); + + /// @dev Thrown when the caller for a fallback NFT function is not the mirror contract. + error SenderNotMirror(); + + /// @dev Thrown when attempting to transfer tokens to the zero address. + error TransferToZeroAddress(); + + /// @dev Thrown when the mirror address provided for initialization is the zero address. + error MirrorAddressIsZero(); + + /// @dev Thrown when the link call to the mirror contract reverts. + error LinkMirrorContractFailed(); + + /// @dev Thrown when setting an NFT token approval + /// and the caller is not the owner or an approved operator. + error ApprovalCallerNotOwnerNorApproved(); + + /// @dev Thrown when transferring an NFT + /// and the caller is not the owner or an approved operator. + error TransferCallerNotOwnerNorApproved(); + + /// @dev Thrown when transferring an NFT and the from address is not the current owner. + error TransferFromIncorrectOwner(); + + /// @dev Thrown when checking the owner or approved address for a non-existent NFT. + error TokenDoesNotExist(); + + /// @dev The function selector is not recognized. + error FnSelectorNotRecognized(); + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* CONSTANTS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev The flag to denote that the address data is initialized. + uint8 internal constant _ADDRESS_DATA_INITIALIZED_FLAG = 1 << 0; + + /// @dev The flag to denote that the address should skip NFTs. + uint8 internal constant _ADDRESS_DATA_SKIP_NFT_FLAG = 1 << 1; + + /// @dev The flag to denote that the address has overridden the default Permit2 allowance. + uint8 internal constant _ADDRESS_DATA_OVERRIDE_PERMIT2_FLAG = 1 << 2; + + /// @dev The canonical Permit2 address. + /// For signature-based allowance granting for single transaction ERC20 `transferFrom`. + /// To enable, override `_givePermit2DefaultInfiniteAllowance()`. + /// [Github](https://github.com/Uniswap/permit2) + /// [Etherscan](https://etherscan.io/address/0x000000000022D473030F116dDEE9F6B43aC78BA3) + address internal constant _PERMIT2 = 0x000000000022D473030F116dDEE9F6B43aC78BA3; + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* STORAGE */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Struct containing an address's token data and settings. + struct AddressData { + // Auxiliary data. + uint88 aux; + // Flags for `initialized` and `skipNFT`. + uint8 flags; + // The alias for the address. Zero means absence of an alias. + uint32 addressAlias; + // The number of NFT tokens. + uint32 ownedLength; + // The token balance in wei. + uint96 balance; + } + + /// @dev A uint32 map in storage. + struct Uint32Map { + uint256 spacer; + } + + /// @dev A bitmap in storage. + struct Bitmap { + uint256 spacer; + } + + /// @dev A struct to wrap a uint256 in storage. + struct Uint256Ref { + uint256 value; + } + + /// @dev A mapping of an address pair to a Uint256Ref. + struct AddressPairToUint256RefMap { + uint256 spacer; + } + + /// @dev Struct containing the base token contract storage. + struct DN404Storage { + // Current number of address aliases assigned. + uint32 numAliases; + // Next NFT ID to assign for a mint. + uint32 nextTokenId; + // The head of the burned pool. + uint32 burnedPoolHead; + // The tail of the burned pool. + uint32 burnedPoolTail; + // Total number of NFTs in existence. + uint32 totalNFTSupply; + // Total supply of tokens. + uint96 totalSupply; + // Address of the NFT mirror contract. + address mirrorERC721; + // Mapping of a user alias number to their address. + mapping(uint32 => address) aliasToAddress; + // Mapping of user operator approvals for NFTs. + AddressPairToUint256RefMap operatorApprovals; + // Mapping of NFT approvals to approved operators. + mapping(uint256 => address) nftApprovals; + // Bitmap of whether an non-zero NFT approval may exist. + Bitmap mayHaveNFTApproval; + // Bitmap of whether a NFT ID exists. Ignored if `_useExistsLookup()` returns false. + Bitmap exists; + // Mapping of user allowances for ERC20 spenders. + AddressPairToUint256RefMap allowance; + // Mapping of NFT IDs owned by an address. + mapping(address => Uint32Map) owned; + // The pool of burned NFT IDs. + Uint32Map burnedPool; + // Even indices: owner aliases. Odd indices: owned indices. + Uint32Map oo; + // Mapping of user account AddressData. + mapping(address => AddressData) addressData; + } + + /// @dev Returns a storage pointer for DN404Storage. + function _getDN404Storage() internal pure virtual returns (DN404Storage storage $) { + /// @solidity memory-safe-assembly + assembly { + // `uint72(bytes9(keccak256("DN404_STORAGE")))`. + $.slot := 0xa20d6e21d0e5255308 // Truncate to 9 bytes to reduce bytecode size. + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* INITIALIZER */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Initializes the DN404 contract with an + /// `initialTokenSupply`, `initialTokenOwner` and `mirror` NFT contract address. + function _initializeDN404( + uint256 initialTokenSupply, + address initialSupplyOwner, + address mirror + ) internal virtual { + DN404Storage storage $ = _getDN404Storage(); + + if (_unit() == 0) revert UnitIsZero(); + if ($.mirrorERC721 != address(0)) revert DNAlreadyInitialized(); + if (mirror == address(0)) revert MirrorAddressIsZero(); + + /// @solidity memory-safe-assembly + assembly { + // Make the call to link the mirror contract. + mstore(0x00, 0x0f4599e5) // `linkMirrorContract(address)`. + mstore(0x20, caller()) + if iszero(and(eq(mload(0x00), 1), call(gas(), mirror, 0, 0x1c, 0x24, 0x00, 0x20))) { + mstore(0x00, 0xd125259c) // `LinkMirrorContractFailed()`. + revert(0x1c, 0x04) + } + } + + $.nextTokenId = 1; + $.mirrorERC721 = mirror; + + if (initialTokenSupply != 0) { + if (initialSupplyOwner == address(0)) revert TransferToZeroAddress(); + if (_totalSupplyOverflows(initialTokenSupply)) revert TotalSupplyOverflow(); + + $.totalSupply = uint96(initialTokenSupply); + AddressData storage initialOwnerAddressData = _addressData(initialSupplyOwner); + initialOwnerAddressData.balance = uint96(initialTokenSupply); + + /// @solidity memory-safe-assembly + assembly { + // Emit the {Transfer} event. + mstore(0x00, initialTokenSupply) + log3(0x00, 0x20, _TRANSFER_EVENT_SIGNATURE, 0, shr(96, shl(96, initialSupplyOwner))) + } + + _setSkipNFT(initialSupplyOwner, true); + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* BASE UNIT FUNCTION TO OVERRIDE */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Amount of token balance that is equal to one NFT. + function _unit() internal view virtual returns (uint256) { + return 10 ** 18; + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* METADATA FUNCTIONS TO OVERRIDE */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns the name of the token. + function name() public view virtual returns (string memory); + + /// @dev Returns the symbol of the token. + function symbol() public view virtual returns (string memory); + + /// @dev Returns the Uniform Resource Identifier (URI) for token `id`. + function tokenURI(uint256 id) public view virtual returns (string memory); + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* CONFIGURABLES */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns if direct NFT transfers should be used during ERC20 transfers + /// whenever possible, instead of burning and re-minting. + function _useDirectTransfersIfPossible() internal view virtual returns (bool) { + return true; + } + + /// @dev Returns if burns should be added to the burn pool. + /// This returns false by default, which means the NFT IDs are re-minted in a cycle. + function _addToBurnedPool(uint256 totalNFTSupplyAfterBurn, uint256 totalSupplyAfterBurn) + internal + view + virtual + returns (bool) + { + // Silence unused variable compiler warning. + totalSupplyAfterBurn = totalNFTSupplyAfterBurn; + return false; + } + + /// @dev Returns whether to use the exists bitmap for more efficient + /// scanning of an empty token ID slot. + /// Recommended for collections that do not use the burn pool, + /// and are expected to have nearly all possible NFTs materialized. + /// + /// Note: The returned value must be constant after initialization. + function _useExistsLookup() internal view virtual returns (bool) { + return true; + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* ERC20 OPERATIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns the decimals places of the token. Always 18. + function decimals() public pure returns (uint8) { + return 18; + } + + /// @dev Returns the amount of tokens in existence. + function totalSupply() public view virtual returns (uint256) { + return uint256(_getDN404Storage().totalSupply); + } + + /// @dev Returns the amount of tokens owned by `owner`. + function balanceOf(address owner) public view virtual returns (uint256) { + return _getDN404Storage().addressData[owner].balance; + } + + /// @dev Returns the amount of tokens that `spender` can spend on behalf of `owner`. + function allowance(address owner, address spender) public view returns (uint256) { + if (_givePermit2DefaultInfiniteAllowance() && spender == _PERMIT2) { + uint8 flags = _getDN404Storage().addressData[owner].flags; + if (flags & _ADDRESS_DATA_OVERRIDE_PERMIT2_FLAG == 0) return type(uint256).max; + } + return _ref(_getDN404Storage().allowance, owner, spender).value; + } + + /// @dev Sets `amount` as the allowance of `spender` over the caller's tokens. + /// + /// Emits a {Approval} event. + function approve(address spender, uint256 amount) public virtual returns (bool) { + _approve(msg.sender, spender, amount); + return true; + } + + /// @dev Transfer `amount` tokens from the caller to `to`. + /// + /// Will burn sender NFTs if balance after transfer is less than + /// the amount required to support the current NFT balance. + /// + /// Will mint NFTs to `to` if the recipient's new balance supports + /// additional NFTs ***AND*** the `to` address's skipNFT flag is + /// set to false. + /// + /// Requirements: + /// - `from` must at least have `amount`. + /// + /// Emits a {Transfer} event. + function transfer(address to, uint256 amount) public virtual returns (bool) { + _transfer(msg.sender, to, amount); + return true; + } + + /// @dev Transfers `amount` tokens from `from` to `to`. + /// + /// Note: Does not update the allowance if it is the maximum uint256 value. + /// + /// Will burn sender NFTs if balance after transfer is less than + /// the amount required to support the current NFT balance. + /// + /// Will mint NFTs to `to` if the recipient's new balance supports + /// additional NFTs ***AND*** the `to` address's skipNFT flag is + /// set to false. + /// + /// Requirements: + /// - `from` must at least have `amount`. + /// - The caller must have at least `amount` of allowance to transfer the tokens of `from`. + /// + /// Emits a {Transfer} event. + function transferFrom(address from, address to, uint256 amount) public virtual returns (bool) { + Uint256Ref storage a = _ref(_getDN404Storage().allowance, from, msg.sender); + + uint256 allowed = _givePermit2DefaultInfiniteAllowance() && msg.sender == _PERMIT2 + && (_getDN404Storage().addressData[from].flags & _ADDRESS_DATA_OVERRIDE_PERMIT2_FLAG) == 0 + ? type(uint256).max + : a.value; + + if (allowed != type(uint256).max) { + if (amount > allowed) revert InsufficientAllowance(); + unchecked { + a.value = allowed - amount; + } + } + _transfer(from, to, amount); + return true; + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* PERMIT2 */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Whether Permit2 has infinite allowances by default for all owners. + /// For signature-based allowance granting for single transaction ERC20 `transferFrom`. + /// To enable, override this function to return true. + function _givePermit2DefaultInfiniteAllowance() internal view virtual returns (bool) { + return false; + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* INTERNAL MINT FUNCTIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Mints `amount` tokens to `to`, increasing the total supply. + /// + /// Will mint NFTs to `to` if the recipient's new balance supports + /// additional NFTs ***AND*** the `to` address's skipNFT flag is set to false. + /// + /// Emits a {Transfer} event. + function _mint(address to, uint256 amount) internal virtual { + if (to == address(0)) revert TransferToZeroAddress(); + + AddressData storage toAddressData = _addressData(to); + DN404Storage storage $ = _getDN404Storage(); + if ($.mirrorERC721 == address(0)) revert(); + + _DNMintTemps memory t; + unchecked { + uint256 toBalance = uint256(toAddressData.balance) + amount; + toAddressData.balance = uint96(toBalance); + t.toEnd = toBalance / _unit(); + } + uint256 maxId; + unchecked { + uint256 totalSupply_ = uint256($.totalSupply) + amount; + $.totalSupply = uint96(totalSupply_); + uint256 overflows = _toUint(_totalSupplyOverflows(totalSupply_)); + if (overflows | _toUint(totalSupply_ < amount) != 0) revert TotalSupplyOverflow(); + maxId = totalSupply_ / _unit(); + } + unchecked { + if (toAddressData.flags & _ADDRESS_DATA_SKIP_NFT_FLAG == 0) { + Uint32Map storage toOwned = $.owned[to]; + Uint32Map storage oo = $.oo; + uint256 toIndex = toAddressData.ownedLength; + _DNPackedLogs memory packedLogs = _packedLogsMalloc(_zeroFloorSub(t.toEnd, toIndex)); + + if (packedLogs.logs.length != 0) { + _packedLogsSet(packedLogs, to, 0); + $.totalNFTSupply += uint32(packedLogs.logs.length); + toAddressData.ownedLength = uint32(t.toEnd); + t.toAlias = _registerAndResolveAlias(toAddressData, to); + uint32 burnedPoolHead = $.burnedPoolHead; + t.burnedPoolTail = $.burnedPoolTail; + t.nextTokenId = _wrapNFTId($.nextTokenId, maxId); + // Mint loop. + do { + uint256 id; + if (burnedPoolHead != t.burnedPoolTail) { + id = _get($.burnedPool, burnedPoolHead++); + } else { + id = t.nextTokenId; + while (_get(oo, _ownershipIndex(id)) != 0) { + id = _useExistsLookup() + ? _wrapNFTId(_findFirstUnset($.exists, id + 1, maxId + 1), maxId) + : _wrapNFTId(id + 1, maxId); + } + t.nextTokenId = _wrapNFTId(id + 1, maxId); + } + if (_useExistsLookup()) _set($.exists, id, true); + _set(toOwned, toIndex, uint32(id)); + _setOwnerAliasAndOwnedIndex(oo, id, t.toAlias, uint32(toIndex++)); + _packedLogsAppend(packedLogs, id); + } while (toIndex != t.toEnd); + + $.nextTokenId = uint32(t.nextTokenId); + $.burnedPoolHead = burnedPoolHead; + _packedLogsSend(packedLogs, $.mirrorERC721); + } + } + } + /// @solidity memory-safe-assembly + assembly { + // Emit the {Transfer} event. + mstore(0x00, amount) + log3(0x00, 0x20, _TRANSFER_EVENT_SIGNATURE, 0, shr(96, shl(96, to))) + } + } + + /// @dev Mints `amount` tokens to `to`, increasing the total supply. + /// This variant mints NFT tokens starting from ID `preTotalSupply / _unit() + 1`. + /// This variant will not touch the `burnedPool` and `nextTokenId`. + /// + /// Will mint NFTs to `to` if the recipient's new balance supports + /// additional NFTs ***AND*** the `to` address's skipNFT flag is set to false. + /// + /// Emits a {Transfer} event. + function _mintNext(address to, uint256 amount) internal virtual { + if (to == address(0)) revert TransferToZeroAddress(); + + AddressData storage toAddressData = _addressData(to); + DN404Storage storage $ = _getDN404Storage(); + if ($.mirrorERC721 == address(0)) revert(); + + _DNMintTemps memory t; + unchecked { + uint256 toBalance = uint256(toAddressData.balance) + amount; + toAddressData.balance = uint96(toBalance); + t.toEnd = toBalance / _unit(); + } + uint256 startId; + uint256 maxId; + unchecked { + uint256 preTotalSupply = uint256($.totalSupply); + startId = preTotalSupply / _unit() + 1; + uint256 totalSupply_ = uint256(preTotalSupply) + amount; + $.totalSupply = uint96(totalSupply_); + uint256 overflows = _toUint(_totalSupplyOverflows(totalSupply_)); + if (overflows | _toUint(totalSupply_ < amount) != 0) revert TotalSupplyOverflow(); + maxId = totalSupply_ / _unit(); + } + unchecked { + if (toAddressData.flags & _ADDRESS_DATA_SKIP_NFT_FLAG == 0) { + Uint32Map storage toOwned = $.owned[to]; + Uint32Map storage oo = $.oo; + uint256 toIndex = toAddressData.ownedLength; + _DNPackedLogs memory packedLogs = _packedLogsMalloc(_zeroFloorSub(t.toEnd, toIndex)); + + if (packedLogs.logs.length != 0) { + _packedLogsSet(packedLogs, to, 0); + $.totalNFTSupply += uint32(packedLogs.logs.length); + toAddressData.ownedLength = uint32(t.toEnd); + t.toAlias = _registerAndResolveAlias(toAddressData, to); + // Mint loop. + do { + uint256 id = startId; + while (_get(oo, _ownershipIndex(id)) != 0) { + id = _useExistsLookup() + ? _wrapNFTId(_findFirstUnset($.exists, id + 1, maxId + 1), maxId) + : _wrapNFTId(id + 1, maxId); + } + startId = _wrapNFTId(id + 1, maxId); + if (_useExistsLookup()) _set($.exists, id, true); + _set(toOwned, toIndex, uint32(id)); + _setOwnerAliasAndOwnedIndex(oo, id, t.toAlias, uint32(toIndex++)); + _packedLogsAppend(packedLogs, id); + } while (toIndex != t.toEnd); + + _packedLogsSend(packedLogs, $.mirrorERC721); + } + } + } + /// @solidity memory-safe-assembly + assembly { + // Emit the {Transfer} event. + mstore(0x00, amount) + log3(0x00, 0x20, _TRANSFER_EVENT_SIGNATURE, 0, shr(96, shl(96, to))) + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* INTERNAL BURN FUNCTIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Burns `amount` tokens from `from`, reducing the total supply. + /// + /// Will burn sender NFTs if balance after transfer is less than + /// the amount required to support the current NFT balance. + /// + /// Emits a {Transfer} event. + function _burn(address from, uint256 amount) internal virtual { + AddressData storage fromAddressData = _addressData(from); + DN404Storage storage $ = _getDN404Storage(); + if ($.mirrorERC721 == address(0)) revert(); + + uint256 fromBalance = fromAddressData.balance; + if (amount > fromBalance) revert InsufficientBalance(); + + unchecked { + fromAddressData.balance = uint96(fromBalance -= amount); + uint256 totalSupply_ = uint256($.totalSupply) - amount; + $.totalSupply = uint96(totalSupply_); + + Uint32Map storage fromOwned = $.owned[from]; + uint256 fromIndex = fromAddressData.ownedLength; + uint256 numNFTBurns = _zeroFloorSub(fromIndex, fromBalance / _unit()); + + if (numNFTBurns != 0) { + _DNPackedLogs memory packedLogs = _packedLogsMalloc(numNFTBurns); + _packedLogsSet(packedLogs, from, 1); + uint256 totalNFTSupply = uint256($.totalNFTSupply) - numNFTBurns; + $.totalNFTSupply = uint32(totalNFTSupply); + bool addToBurnedPool = _addToBurnedPool(totalNFTSupply, totalSupply_); + + Uint32Map storage oo = $.oo; + uint256 fromEnd = fromIndex - numNFTBurns; + fromAddressData.ownedLength = uint32(fromEnd); + uint32 burnedPoolTail = $.burnedPoolTail; + // Burn loop. + do { + uint256 id = _get(fromOwned, --fromIndex); + _setOwnerAliasAndOwnedIndex(oo, id, 0, 0); + _packedLogsAppend(packedLogs, id); + if (_useExistsLookup()) _set($.exists, id, false); + if (addToBurnedPool) _set($.burnedPool, burnedPoolTail++, uint32(id)); + if (_get($.mayHaveNFTApproval, id)) { + _set($.mayHaveNFTApproval, id, false); + delete $.nftApprovals[id]; + } + } while (fromIndex != fromEnd); + + if (addToBurnedPool) $.burnedPoolTail = burnedPoolTail; + _packedLogsSend(packedLogs, $.mirrorERC721); + } + } + /// @solidity memory-safe-assembly + assembly { + // Emit the {Transfer} event. + mstore(0x00, amount) + log3(0x00, 0x20, _TRANSFER_EVENT_SIGNATURE, shr(96, shl(96, from)), 0) + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* INTERNAL TRANSFER FUNCTIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Moves `amount` of tokens from `from` to `to`. + /// + /// Will burn sender NFTs if balance after transfer is less than + /// the amount required to support the current NFT balance. + /// + /// Will mint NFTs to `to` if the recipient's new balance supports + /// additional NFTs ***AND*** the `to` address's skipNFT flag is + /// set to false. + /// + /// Emits a {Transfer} event. + function _transfer(address from, address to, uint256 amount) internal virtual { + if (to == address(0)) revert TransferToZeroAddress(); + + AddressData storage fromAddressData = _addressData(from); + AddressData storage toAddressData = _addressData(to); + DN404Storage storage $ = _getDN404Storage(); + if ($.mirrorERC721 == address(0)) revert(); + + _DNTransferTemps memory t; + t.fromOwnedLength = fromAddressData.ownedLength; + t.toOwnedLength = toAddressData.ownedLength; + t.totalSupply = $.totalSupply; + + if (amount > (t.fromBalance = fromAddressData.balance)) revert InsufficientBalance(); + + unchecked { + fromAddressData.balance = uint96(t.fromBalance -= amount); + toAddressData.balance = uint96(t.toBalance = uint256(toAddressData.balance) + amount); + + t.numNFTBurns = _zeroFloorSub(t.fromOwnedLength, t.fromBalance / _unit()); + + if (toAddressData.flags & _ADDRESS_DATA_SKIP_NFT_FLAG == 0) { + if (from == to) t.toOwnedLength = t.fromOwnedLength - t.numNFTBurns; + t.numNFTMints = _zeroFloorSub(t.toBalance / _unit(), t.toOwnedLength); + } + + if (_useDirectTransfersIfPossible()) { + uint256 n = _min(t.fromOwnedLength, _min(t.numNFTBurns, t.numNFTMints)); + if (n != 0) { + t.numNFTBurns -= n; + t.numNFTMints -= n; + if (from == to) { + t.toOwnedLength += n; + } else { + _DNDirectLogs memory directLogs = _directLogsMalloc(n, from, to); + Uint32Map storage fromOwned = $.owned[from]; + Uint32Map storage toOwned = $.owned[to]; + t.toAlias = _registerAndResolveAlias(toAddressData, to); + uint256 toIndex = t.toOwnedLength; + // Direct transfer loop. + do { + uint256 id = _get(fromOwned, --t.fromOwnedLength); + _set(toOwned, toIndex, uint32(id)); + _setOwnerAliasAndOwnedIndex($.oo, id, t.toAlias, uint32(toIndex++)); + _directLogsAppend(directLogs, id); + if (_get($.mayHaveNFTApproval, id)) { + _set($.mayHaveNFTApproval, id, false); + delete $.nftApprovals[id]; + } + } while (--n != 0); + + toAddressData.ownedLength = uint32(t.toOwnedLength = toIndex); + fromAddressData.ownedLength = uint32(t.fromOwnedLength); + _directLogsSend(directLogs, $.mirrorERC721); + } + } + } + + t.totalNFTSupply = uint256($.totalNFTSupply) + t.numNFTMints - t.numNFTBurns; + $.totalNFTSupply = uint32(t.totalNFTSupply); + + Uint32Map storage oo = $.oo; + _DNPackedLogs memory packedLogs = _packedLogsMalloc(t.numNFTBurns + t.numNFTMints); + + t.burnedPoolTail = $.burnedPoolTail; + if (t.numNFTBurns != 0) { + _packedLogsSet(packedLogs, from, 1); + bool addToBurnedPool = _addToBurnedPool(t.totalNFTSupply, t.totalSupply); + Uint32Map storage fromOwned = $.owned[from]; + uint256 fromIndex = t.fromOwnedLength; + fromAddressData.ownedLength = uint32(t.fromEnd = fromIndex - t.numNFTBurns); + uint32 burnedPoolTail = t.burnedPoolTail; + // Burn loop. + do { + uint256 id = _get(fromOwned, --fromIndex); + _setOwnerAliasAndOwnedIndex(oo, id, 0, 0); + _packedLogsAppend(packedLogs, id); + if (_useExistsLookup()) _set($.exists, id, false); + if (addToBurnedPool) _set($.burnedPool, burnedPoolTail++, uint32(id)); + if (_get($.mayHaveNFTApproval, id)) { + _set($.mayHaveNFTApproval, id, false); + delete $.nftApprovals[id]; + } + } while (fromIndex != t.fromEnd); + + if (addToBurnedPool) $.burnedPoolTail = (t.burnedPoolTail = burnedPoolTail); + } + + if (t.numNFTMints != 0) { + _packedLogsSet(packedLogs, to, 0); + Uint32Map storage toOwned = $.owned[to]; + t.toAlias = _registerAndResolveAlias(toAddressData, to); + uint256 maxId = t.totalSupply / _unit(); + t.nextTokenId = _wrapNFTId($.nextTokenId, maxId); + uint256 toIndex = t.toOwnedLength; + toAddressData.ownedLength = uint32(t.toEnd = toIndex + t.numNFTMints); + uint32 burnedPoolHead = $.burnedPoolHead; + // Mint loop. + do { + uint256 id; + if (burnedPoolHead != t.burnedPoolTail) { + id = _get($.burnedPool, burnedPoolHead++); + } else { + id = t.nextTokenId; + while (_get(oo, _ownershipIndex(id)) != 0) { + id = _useExistsLookup() + ? _wrapNFTId(_findFirstUnset($.exists, id + 1, maxId + 1), maxId) + : _wrapNFTId(id + 1, maxId); + } + t.nextTokenId = _wrapNFTId(id + 1, maxId); + } + if (_useExistsLookup()) _set($.exists, id, true); + _set(toOwned, toIndex, uint32(id)); + _setOwnerAliasAndOwnedIndex(oo, id, t.toAlias, uint32(toIndex++)); + _packedLogsAppend(packedLogs, id); + } while (toIndex != t.toEnd); + + $.burnedPoolHead = burnedPoolHead; + $.nextTokenId = uint32(t.nextTokenId); + } + + if (packedLogs.logs.length != 0) _packedLogsSend(packedLogs, $.mirrorERC721); + } + /// @solidity memory-safe-assembly + assembly { + // Emit the {Transfer} event. + mstore(0x00, amount) + // forgefmt: disable-next-item + log3(0x00, 0x20, _TRANSFER_EVENT_SIGNATURE, shr(96, shl(96, from)), shr(96, shl(96, to))) + } + } + + /// @dev Transfers token `id` from `from` to `to`. + /// + /// Requirements: + /// + /// - Call must originate from the mirror contract. + /// - Token `id` must exist. + /// - `from` must be the owner of the token. + /// - `to` cannot be the zero address. + /// `msgSender` must be the owner of the token, or be approved to manage the token. + /// + /// Emits a {Transfer} event. + function _transferFromNFT(address from, address to, uint256 id, address msgSender) + internal + virtual + { + if (to == address(0)) revert TransferToZeroAddress(); + + DN404Storage storage $ = _getDN404Storage(); + if ($.mirrorERC721 == address(0)) revert(); + + Uint32Map storage oo = $.oo; + + if (from != $.aliasToAddress[_get(oo, _ownershipIndex(_restrictNFTId(id)))]) { + revert TransferFromIncorrectOwner(); + } + + if (msgSender != from) { + if (_ref($.operatorApprovals, from, msgSender).value == 0) { + if (msgSender != $.nftApprovals[id]) { + revert TransferCallerNotOwnerNorApproved(); + } + } + } + + AddressData storage fromAddressData = _addressData(from); + AddressData storage toAddressData = _addressData(to); + + uint256 unit = _unit(); + mapping(address => Uint32Map) storage owned = $.owned; + Uint32Map storage fromOwned = owned[from]; + + unchecked { + uint256 fromBalance = fromAddressData.balance; + if (unit > fromBalance) revert InsufficientBalance(); + fromAddressData.balance = uint96(fromBalance - unit); + toAddressData.balance += uint96(unit); + } + if (_get($.mayHaveNFTApproval, id)) { + _set($.mayHaveNFTApproval, id, false); + delete $.nftApprovals[id]; + } + unchecked { + uint32 updatedId = _get(fromOwned, --fromAddressData.ownedLength); + uint32 i = _get(oo, _ownedIndex(id)); + _set(fromOwned, i, updatedId); + _set(oo, _ownedIndex(updatedId), i); + } + unchecked { + uint32 n = toAddressData.ownedLength++; + _set(owned[to], n, uint32(id)); + _setOwnerAliasAndOwnedIndex(oo, id, _registerAndResolveAlias(toAddressData, to), n); + } + /// @solidity memory-safe-assembly + assembly { + // Emit the {Transfer} event. + mstore(0x00, unit) + // forgefmt: disable-next-item + log3(0x00, 0x20, _TRANSFER_EVENT_SIGNATURE, shr(96, shl(96, from)), shr(96, shl(96, to))) + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* INTERNAL APPROVE FUNCTIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Sets `amount` as the allowance of `spender` over the tokens of `owner`. + /// + /// Emits a {Approval} event. + function _approve(address owner, address spender, uint256 amount) internal virtual { + if (_givePermit2DefaultInfiniteAllowance() && spender == _PERMIT2) { + _getDN404Storage().addressData[owner].flags |= _ADDRESS_DATA_OVERRIDE_PERMIT2_FLAG; + } + _ref(_getDN404Storage().allowance, owner, spender).value = amount; + /// @solidity memory-safe-assembly + assembly { + // Emit the {Approval} event. + mstore(0x00, amount) + // forgefmt: disable-next-item + log3(0x00, 0x20, _APPROVAL_EVENT_SIGNATURE, shr(96, shl(96, owner)), shr(96, shl(96, spender))) + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* DATA HITCHHIKING FUNCTIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns the auxiliary data for `owner`. + /// Minting, transferring, burning the tokens of `owner` will not change the auxiliary data. + /// Auxiliary data can be set for any address, even if it does not have any tokens. + function _getAux(address owner) internal view virtual returns (uint88) { + return _getDN404Storage().addressData[owner].aux; + } + + /// @dev Set the auxiliary data for `owner` to `value`. + /// Minting, transferring, burning the tokens of `owner` will not change the auxiliary data. + /// Auxiliary data can be set for any address, even if it does not have any tokens. + function _setAux(address owner, uint88 value) internal virtual { + _getDN404Storage().addressData[owner].aux = value; + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* SKIP NFT FUNCTIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns true if minting and transferring ERC20s to `owner` will skip minting NFTs. + /// Returns false otherwise. + function getSkipNFT(address owner) public view virtual returns (bool) { + AddressData storage d = _getDN404Storage().addressData[owner]; + if (d.flags & _ADDRESS_DATA_INITIALIZED_FLAG == 0) return _hasCode(owner); + return d.flags & _ADDRESS_DATA_SKIP_NFT_FLAG != 0; + } + + /// @dev Sets the caller's skipNFT flag to `skipNFT`. Returns true. + /// + /// Emits a {SkipNFTSet} event. + function setSkipNFT(bool skipNFT) public virtual returns (bool) { + _setSkipNFT(msg.sender, skipNFT); + return true; + } + + /// @dev Internal function to set account `owner` skipNFT flag to `state` + /// + /// Initializes account `owner` AddressData if it is not currently initialized. + /// + /// Emits a {SkipNFTSet} event. + function _setSkipNFT(address owner, bool state) internal virtual { + AddressData storage d = _addressData(owner); + if ((d.flags & _ADDRESS_DATA_SKIP_NFT_FLAG != 0) != state) { + d.flags ^= _ADDRESS_DATA_SKIP_NFT_FLAG; + } + /// @solidity memory-safe-assembly + assembly { + mstore(0x00, iszero(iszero(state))) + log2(0x00, 0x20, _SKIP_NFT_SET_EVENT_SIGNATURE, shr(96, shl(96, owner))) + } + } + + /// @dev Returns a storage data pointer for account `owner` AddressData + /// + /// Initializes account `owner` AddressData if it is not currently initialized. + function _addressData(address owner) internal virtual returns (AddressData storage d) { + d = _getDN404Storage().addressData[owner]; + unchecked { + if (d.flags & _ADDRESS_DATA_INITIALIZED_FLAG == 0) { + uint256 skipNFT = _toUint(_hasCode(owner)) * _ADDRESS_DATA_SKIP_NFT_FLAG; + d.flags = uint8(skipNFT | _ADDRESS_DATA_INITIALIZED_FLAG); + } + } + } + + /// @dev Returns the `addressAlias` of account `to`. + /// + /// Assigns and registers the next alias if `to` alias was not previously registered. + function _registerAndResolveAlias(AddressData storage toAddressData, address to) + internal + virtual + returns (uint32 addressAlias) + { + DN404Storage storage $ = _getDN404Storage(); + addressAlias = toAddressData.addressAlias; + if (addressAlias == 0) { + unchecked { + addressAlias = ++$.numAliases; + } + toAddressData.addressAlias = addressAlias; + $.aliasToAddress[addressAlias] = to; + if (addressAlias == 0) revert(); // Overflow. + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* MIRROR OPERATIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns the address of the mirror NFT contract. + function mirrorERC721() public view virtual returns (address) { + return _getDN404Storage().mirrorERC721; + } + + /// @dev Returns the total NFT supply. + function _totalNFTSupply() internal view virtual returns (uint256) { + return _getDN404Storage().totalNFTSupply; + } + + /// @dev Returns `owner` NFT balance. + function _balanceOfNFT(address owner) internal view virtual returns (uint256) { + return _getDN404Storage().addressData[owner].ownedLength; + } + + /// @dev Returns the owner of token `id`. + /// Returns the zero address instead of reverting if the token does not exist. + function _ownerAt(uint256 id) internal view virtual returns (address) { + DN404Storage storage $ = _getDN404Storage(); + return $.aliasToAddress[_get($.oo, _ownershipIndex(_restrictNFTId(id)))]; + } + + /// @dev Returns the owner of token `id`. + /// + /// Requirements: + /// - Token `id` must exist. + function _ownerOf(uint256 id) internal view virtual returns (address) { + if (!_exists(id)) revert TokenDoesNotExist(); + return _ownerAt(id); + } + + /// @dev Returns if token `id` exists. + function _exists(uint256 id) internal view virtual returns (bool) { + return _ownerAt(id) != address(0); + } + + /// @dev Returns the account approved to manage token `id`. + /// + /// Requirements: + /// - Token `id` must exist. + function _getApproved(uint256 id) internal view virtual returns (address) { + if (!_exists(id)) revert TokenDoesNotExist(); + return _getDN404Storage().nftApprovals[id]; + } + + /// @dev Sets `spender` as the approved account to manage token `id`, using `msgSender`. + /// + /// Requirements: + /// - `msgSender` must be the owner or an approved operator for the token owner. + function _approveNFT(address spender, uint256 id, address msgSender) + internal + virtual + returns (address owner) + { + DN404Storage storage $ = _getDN404Storage(); + + owner = $.aliasToAddress[_get($.oo, _ownershipIndex(_restrictNFTId(id)))]; + + if (msgSender != owner) { + if (_ref($.operatorApprovals, owner, msgSender).value == 0) { + revert ApprovalCallerNotOwnerNorApproved(); + } + } + + $.nftApprovals[id] = spender; + _set($.mayHaveNFTApproval, id, spender != address(0)); + } + + /// @dev Approve or remove the `operator` as an operator for `msgSender`, + /// without authorization checks. + function _setApprovalForAll(address operator, bool approved, address msgSender) + internal + virtual + { + _ref(_getDN404Storage().operatorApprovals, msgSender, operator).value = _toUint(approved); + } + + /// @dev Returns the NFT IDs of `owner` in range `[begin, end)`. + /// Optimized for smaller bytecode size, as this function is intended for off-chain calling. + function _ownedIds(address owner, uint256 begin, uint256 end) + internal + view + virtual + returns (uint256[] memory ids) + { + DN404Storage storage $ = _getDN404Storage(); + Uint32Map storage owned = $.owned[owner]; + uint256 n = _min($.addressData[owner].ownedLength, end); + /// @solidity memory-safe-assembly + assembly { + ids := mload(0x40) + let i := begin + for {} lt(i, n) { i := add(i, 1) } { + let s := add(shl(96, owned.slot), shr(3, i)) // Storage slot. + let id := and(0xffffffff, shr(shl(5, and(i, 7)), sload(s))) + mstore(add(add(ids, 0x20), shl(5, sub(i, begin))), id) // Append to. + } + mstore(ids, sub(i, begin)) // Store the length. + mstore(0x40, add(add(ids, 0x20), shl(5, sub(i, begin)))) // Allocate memory. + } + } + + /// @dev Fallback modifier to dispatch calls from the mirror NFT contract + /// to internal functions in this contract. + modifier dn404Fallback() virtual { + DN404Storage storage $ = _getDN404Storage(); + + uint256 fnSelector = _calldataload(0x00) >> 224; + address mirror = $.mirrorERC721; + + // `transferFromNFT(address,address,uint256,address)`. + if (fnSelector == 0xe5eb36c8) { + if (msg.sender != mirror) revert SenderNotMirror(); + _transferFromNFT( + address(uint160(_calldataload(0x04))), // `from`. + address(uint160(_calldataload(0x24))), // `to`. + _calldataload(0x44), // `id`. + address(uint160(_calldataload(0x64))) // `msgSender`. + ); + _return(1); + } + // `setApprovalForAll(address,bool,address)`. + if (fnSelector == 0x813500fc) { + if (msg.sender != mirror) revert SenderNotMirror(); + _setApprovalForAll( + address(uint160(_calldataload(0x04))), // `spender`. + _calldataload(0x24) != 0, // `status`. + address(uint160(_calldataload(0x44))) // `msgSender`. + ); + _return(1); + } + // `isApprovedForAll(address,address)`. + if (fnSelector == 0xe985e9c5) { + if (msg.sender != mirror) revert SenderNotMirror(); + Uint256Ref storage ref = _ref( + $.operatorApprovals, + address(uint160(_calldataload(0x04))), // `owner`. + address(uint160(_calldataload(0x24))) // `operator`. + ); + _return(ref.value); + } + // `ownerOf(uint256)`. + if (fnSelector == 0x6352211e) { + if (msg.sender != mirror) revert SenderNotMirror(); + _return(uint160(_ownerOf(_calldataload(0x04)))); + } + // `ownerAt(uint256)`. + if (fnSelector == 0x24359879) { + if (msg.sender != mirror) revert SenderNotMirror(); + _return(uint160(_ownerAt(_calldataload(0x04)))); + } + // `approveNFT(address,uint256,address)`. + if (fnSelector == 0xd10b6e0c) { + if (msg.sender != mirror) revert SenderNotMirror(); + address owner = _approveNFT( + address(uint160(_calldataload(0x04))), // `spender`. + _calldataload(0x24), // `id`. + address(uint160(_calldataload(0x44))) // `msgSender`. + ); + _return(uint160(owner)); + } + // `getApproved(uint256)`. + if (fnSelector == 0x081812fc) { + if (msg.sender != mirror) revert SenderNotMirror(); + _return(uint160(_getApproved(_calldataload(0x04)))); + } + // `balanceOfNFT(address)`. + if (fnSelector == 0xf5b100ea) { + if (msg.sender != mirror) revert SenderNotMirror(); + _return(_balanceOfNFT(address(uint160(_calldataload(0x04))))); + } + // `totalNFTSupply()`. + if (fnSelector == 0xe2c79281) { + if (msg.sender != mirror) revert SenderNotMirror(); + _return(_totalNFTSupply()); + } + // `implementsDN404()`. + if (fnSelector == 0xb7a94eb8) { + _return(1); + } + _; + } + + /// @dev Fallback function for calls from mirror NFT contract. + /// Override this if you need to implement your custom + /// fallback with utilities like Solady's `LibZip.cdFallback()`. + /// And always remember to always wrap the fallback with `dn404Fallback`. + fallback() external payable virtual dn404Fallback { + revert FnSelectorNotRecognized(); // Not mandatory. Just for quality of life. + } + + /// @dev This is to silence the compiler warning. + /// Override and remove the revert if you want your contract to receive ETH via receive. + receive() external payable virtual { + if (msg.value != 0) revert(); + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* INTERNAL / PRIVATE HELPERS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns `(i - 1) << 1`. + function _ownershipIndex(uint256 i) internal pure returns (uint256) { + unchecked { + return (i - 1) << 1; // Minus 1 as token IDs start from 1. + } + } + + /// @dev Returns `((i - 1) << 1) + 1`. + function _ownedIndex(uint256 i) internal pure returns (uint256) { + unchecked { + return ((i - 1) << 1) + 1; // Minus 1 as token IDs start from 1. + } + } + + /// @dev Returns the uint32 value at `index` in `map`. + function _get(Uint32Map storage map, uint256 index) internal view returns (uint32 result) { + /// @solidity memory-safe-assembly + assembly { + let s := add(shl(96, map.slot), shr(3, index)) // Storage slot. + result := and(0xffffffff, shr(shl(5, and(index, 7)), sload(s))) + } + } + + /// @dev Updates the uint32 value at `index` in `map`. + function _set(Uint32Map storage map, uint256 index, uint32 value) internal { + /// @solidity memory-safe-assembly + assembly { + let s := add(shl(96, map.slot), shr(3, index)) // Storage slot. + let o := shl(5, and(index, 7)) // Storage slot offset (bits). + let v := sload(s) // Storage slot value. + sstore(s, xor(v, shl(o, and(0xffffffff, xor(value, shr(o, v)))))) + } + } + + /// @dev Sets the owner alias and the owned index together. + function _setOwnerAliasAndOwnedIndex( + Uint32Map storage map, + uint256 id, + uint32 ownership, + uint32 ownedIndex + ) internal { + /// @solidity memory-safe-assembly + assembly { + let i := sub(id, 1) // Index of the uint64 combined value. + let s := add(shl(96, map.slot), shr(2, i)) // Storage slot. + let v := sload(s) // Storage slot value. + let o := shl(6, and(i, 3)) // Storage slot offset (bits). + let combined := or(shl(32, ownedIndex), and(0xffffffff, ownership)) + sstore(s, xor(v, shl(o, and(0xffffffffffffffff, xor(shr(o, v), combined))))) + } + } + + /// @dev Returns the boolean value of the bit at `index` in `bitmap`. + function _get(Bitmap storage bitmap, uint256 index) internal view returns (bool result) { + /// @solidity memory-safe-assembly + assembly { + let s := add(shl(96, bitmap.slot), shr(8, index)) // Storage slot. + result := and(1, shr(and(0xff, index), sload(s))) + } + } + + /// @dev Updates the bit at `index` in `bitmap` to `value`. + function _set(Bitmap storage bitmap, uint256 index, bool value) internal { + /// @solidity memory-safe-assembly + assembly { + let s := add(shl(96, bitmap.slot), shr(8, index)) // Storage slot. + let o := and(0xff, index) // Storage slot offset (bits). + sstore(s, or(and(sload(s), not(shl(o, 1))), shl(o, iszero(iszero(value))))) + } + } + + /// @dev Returns the index of the least significant unset bit in `[begin, end)`. + /// If no unset bit is found, returns `type(uint256).max`. + function _findFirstUnset(Bitmap storage bitmap, uint256 begin, uint256 end) + internal + view + returns (uint256 unsetBitIndex) + { + /// @solidity memory-safe-assembly + assembly { + unsetBitIndex := not(0) // Initialize to `type(uint256).max`. + let s := shl(96, bitmap.slot) // Storage offset of the bitmap. + let bucket := add(s, shr(8, begin)) + let negBits := shl(and(0xff, begin), shr(and(0xff, begin), not(sload(bucket)))) + if iszero(negBits) { + let lastBucket := add(s, shr(8, end)) + for {} 1 {} { + bucket := add(bucket, 1) + negBits := not(sload(bucket)) + if or(negBits, gt(bucket, lastBucket)) { break } + } + if gt(bucket, lastBucket) { + negBits := shr(and(0xff, not(end)), shl(and(0xff, not(end)), negBits)) + } + } + if negBits { + // Find-first-set routine. + let b := and(negBits, add(not(negBits), 1)) // Isolate the least significant bit. + let r := shl(7, lt(0xffffffffffffffffffffffffffffffff, b)) + r := or(r, shl(6, lt(0xffffffffffffffff, shr(r, b)))) + r := or(r, shl(5, lt(0xffffffff, shr(r, b)))) + // For the remaining 32 bits, use a De Bruijn lookup. + // forgefmt: disable-next-item + r := or(r, byte(and(div(0xd76453e0, shr(r, b)), 0x1f), + 0x001f0d1e100c1d070f090b19131c1706010e11080a1a141802121b1503160405)) + r := or(shl(8, sub(bucket, s)), r) + unsetBitIndex := or(r, sub(0, or(iszero(lt(r, end)), lt(r, begin)))) + } + } + } + + /// @dev Returns a storage reference to the value at (`a0`, `a1`) in `map`. + function _ref(AddressPairToUint256RefMap storage map, address a0, address a1) + internal + pure + returns (Uint256Ref storage ref) + { + /// @solidity memory-safe-assembly + assembly { + mstore(0x28, a1) + mstore(0x14, a0) + mstore(0x00, map.slot) + ref.slot := keccak256(0x00, 0x48) + // Clear the part of the free memory pointer that was overwritten. + mstore(0x28, 0x00) + } + } + + /// @dev Wraps the NFT ID. + function _wrapNFTId(uint256 id, uint256 maxId) internal pure returns (uint256 result) { + /// @solidity memory-safe-assembly + assembly { + result := or(mul(iszero(gt(id, maxId)), id), gt(id, maxId)) + } + } + + /// @dev Returns `id > type(uint32).max ? 0 : id`. + function _restrictNFTId(uint256 id) internal pure returns (uint256 result) { + /// @solidity memory-safe-assembly + assembly { + result := mul(id, lt(id, 0x100000000)) + } + } + + /// @dev Returns whether `amount` is a valid `totalSupply`. + function _totalSupplyOverflows(uint256 amount) internal view returns (bool result) { + uint256 unit = _unit(); + /// @solidity memory-safe-assembly + assembly { + result := iszero(iszero(or(shr(96, amount), lt(0xfffffffe, div(amount, unit))))) + } + } + + /// @dev Returns `max(0, x - y)`. + function _zeroFloorSub(uint256 x, uint256 y) internal pure returns (uint256 z) { + /// @solidity memory-safe-assembly + assembly { + z := mul(gt(x, y), sub(x, y)) + } + } + + /// @dev Returns `x < y ? x : y`. + function _min(uint256 x, uint256 y) internal pure returns (uint256 z) { + /// @solidity memory-safe-assembly + assembly { + z := xor(x, mul(xor(x, y), lt(y, x))) + } + } + + /// @dev Returns `b ? 1 : 0`. + function _toUint(bool b) internal pure returns (uint256 result) { + /// @solidity memory-safe-assembly + assembly { + result := iszero(iszero(b)) + } + } + + /// @dev Struct containing direct transfer log data for {Transfer} events to be + /// emitted by the mirror NFT contract. + struct _DNDirectLogs { + uint256 offset; + address from; + address to; + uint256[] logs; + } + + /// @dev Initiates memory allocation for direct logs with `n` log items. + function _directLogsMalloc(uint256 n, address from, address to) + private + pure + returns (_DNDirectLogs memory p) + { + /// @solidity memory-safe-assembly + assembly { + // Note that `p` implicitly allocates and advances the free memory pointer by + // 4 words, which we can safely mutate in `_directLogsSend`. + let logs := mload(0x40) + mstore(logs, n) // Store the length. + let offset := add(0x20, logs) // Skip the word for `p.logs.length`. + mstore(0x40, add(offset, shl(5, n))) // Allocate memory. + mstore(add(0x60, p), logs) // Set `p.logs`. + mstore(add(0x40, p), to) // Set `p.to`. + mstore(add(0x20, p), from) // Set `p.from`. + mstore(p, offset) // Set `p.offset`. + } + } + + /// @dev Adds a direct log item to `p` with token `id`. + function _directLogsAppend(_DNDirectLogs memory p, uint256 id) private pure { + /// @solidity memory-safe-assembly + assembly { + let offset := mload(p) + mstore(offset, id) + mstore(p, add(offset, 0x20)) + } + } + + /// @dev Calls the `mirror` NFT contract to emit {Transfer} events for packed logs `p`. + function _directLogsSend(_DNDirectLogs memory p, address mirror) private { + /// @solidity memory-safe-assembly + assembly { + let logs := mload(add(p, 0x60)) + let n := add(0x84, shl(5, mload(logs))) // Length of calldata to send. + let o := sub(logs, 0x80) // Start of calldata to send. + mstore(o, 0x144027d3) // `logDirectTransfer(address,address,uint256[])`. + let from := mload(add(0x20, p)) + let to := mload(add(0x40, p)) + mstore(add(o, 0x20), from) + mstore(add(o, 0x40), to) + mstore(add(o, 0x60), 0x60) // Offset of `logs` in the calldata to send. + if iszero(and(eq(mload(o), 1), call(gas(), mirror, 0, add(o, 0x1c), n, o, 0x20))) { + revert(o, 0x00) + } + } + } + + /// @dev Struct containing packed log data for {Transfer} events to be + /// emitted by the mirror NFT contract. + struct _DNPackedLogs { + uint256 offset; + uint256 addressAndBit; + uint256[] logs; + } + + /// @dev Initiates memory allocation for packed logs with `n` log items. + function _packedLogsMalloc(uint256 n) private pure returns (_DNPackedLogs memory p) { + /// @solidity memory-safe-assembly + assembly { + // Note that `p` implicitly allocates and advances the free memory pointer by + // 3 words, which we can safely mutate in `_packedLogsSend`. + let logs := mload(0x40) + mstore(logs, n) // Store the length. + let offset := add(0x20, logs) // Skip the word for `p.logs.length`. + mstore(0x40, add(offset, shl(5, n))) // Allocate memory. + mstore(add(0x40, p), logs) // Set `p.logs`. + mstore(p, offset) // Set `p.offset`. + } + } + + /// @dev Set the current address and the burn bit. + function _packedLogsSet(_DNPackedLogs memory p, address a, uint256 burnBit) private pure { + /// @solidity memory-safe-assembly + assembly { + mstore(add(p, 0x20), or(shl(96, a), burnBit)) // Set `p.addressAndBit`. + } + } + + /// @dev Adds a packed log item to `p` with token `id`. + function _packedLogsAppend(_DNPackedLogs memory p, uint256 id) private pure { + /// @solidity memory-safe-assembly + assembly { + let offset := mload(p) + mstore(offset, or(mload(add(p, 0x20)), shl(8, id))) // `p.addressAndBit | (id << 8)`. + mstore(p, add(offset, 0x20)) + } + } + + /// @dev Calls the `mirror` NFT contract to emit {Transfer} events for packed logs `p`. + function _packedLogsSend(_DNPackedLogs memory p, address mirror) private { + /// @solidity memory-safe-assembly + assembly { + let logs := mload(add(p, 0x40)) + let o := sub(logs, 0x40) // Start of calldata to send. + mstore(o, 0x263c69d6) // `logTransfer(uint256[])`. + mstore(add(o, 0x20), 0x20) // Offset of `logs` in the calldata to send. + let n := add(0x44, shl(5, mload(logs))) // Length of calldata to send. + if iszero(and(eq(mload(o), 1), call(gas(), mirror, 0, add(o, 0x1c), n, o, 0x20))) { + revert(o, 0x00) + } + } + } + + /// @dev Struct of temporary variables for transfers. + struct _DNTransferTemps { + uint256 numNFTBurns; + uint256 numNFTMints; + uint256 fromBalance; + uint256 toBalance; + uint256 fromOwnedLength; + uint256 toOwnedLength; + uint256 totalSupply; + uint256 totalNFTSupply; + uint256 fromEnd; + uint256 toEnd; + uint32 toAlias; + uint256 nextTokenId; + uint32 burnedPoolTail; + } + + /// @dev Struct of temporary variables for mints. + struct _DNMintTemps { + uint256 nextTokenId; + uint32 burnedPoolTail; + uint256 toEnd; + uint32 toAlias; + } + + /// @dev Returns if `a` has bytecode of non-zero length. + function _hasCode(address a) private view returns (bool result) { + /// @solidity memory-safe-assembly + assembly { + result := extcodesize(a) // Can handle dirty upper bits. + } + } + + /// @dev Returns the calldata value at `offset`. + function _calldataload(uint256 offset) private pure returns (uint256 value) { + /// @solidity memory-safe-assembly + assembly { + value := calldataload(offset) + } + } + + /// @dev Executes a return opcode to return `x` and end the current call frame. + function _return(uint256 x) private pure { + /// @solidity memory-safe-assembly + assembly { + mstore(0x00, x) + return(0x00, 0x20) + } + } +} + +// SPDX-License-Identifier: MIT +/// @title DN404Mirror +/// @notice DN404Mirror provides an interface for interacting with the +/// NFT tokens in a DN404 implementation. +/// +/// @author vectorized.eth (@optimizoor) +/// @author Quit (@0xQuit) +/// @author Michael Amadi (@AmadiMichaels) +/// @author cygaar (@0xCygaar) +/// @author Thomas (@0xjustadev) +/// @author Harrison (@PopPunkOnChain) +/// +/// @dev Note: +/// - The ERC721 data is stored in the base DN404 contract. +contract DN404Mirror { + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* EVENTS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Emitted when token `id` is transferred from `from` to `to`. + event Transfer(address indexed from, address indexed to, uint256 indexed id); + + /// @dev Emitted when `owner` enables `account` to manage the `id` token. + event Approval(address indexed owner, address indexed account, uint256 indexed id); + + /// @dev Emitted when `owner` enables or disables `operator` to manage all of their tokens. + event ApprovalForAll(address indexed owner, address indexed operator, bool isApproved); + + /// @dev The ownership is transferred from `oldOwner` to `newOwner`. + /// This is for marketplace signaling purposes. This contract has a `pullOwner()` + /// function that will sync the owner from the base contract. + event OwnershipTransferred(address indexed oldOwner, address indexed newOwner); + + /// @dev `keccak256(bytes("Transfer(address,address,uint256)"))`. + uint256 private constant _TRANSFER_EVENT_SIGNATURE = + 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef; + + /// @dev `keccak256(bytes("Approval(address,address,uint256)"))`. + uint256 private constant _APPROVAL_EVENT_SIGNATURE = + 0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925; + + /// @dev `keccak256(bytes("ApprovalForAll(address,address,bool)"))`. + uint256 private constant _APPROVAL_FOR_ALL_EVENT_SIGNATURE = + 0x17307eab39ab6107e8899845ad3d59bd9653f200f220920489ca2b5937696c31; + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* CUSTOM ERRORS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Thrown when a call for an NFT function did not originate + /// from the base DN404 contract. + error SenderNotBase(); + + /// @dev Thrown when a call for an NFT function did not originate from the deployer. + error SenderNotDeployer(); + + /// @dev Thrown when transferring an NFT to a contract address that + /// does not implement ERC721Receiver. + error TransferToNonERC721ReceiverImplementer(); + + /// @dev Thrown when linking to the DN404 base contract and the + /// DN404 supportsInterface check fails or the call reverts. + error CannotLink(); + + /// @dev Thrown when a linkMirrorContract call is received and the + /// NFT mirror contract has already been linked to a DN404 base contract. + error AlreadyLinked(); + + /// @dev Thrown when retrieving the base DN404 address when a link has not + /// been established. + error NotLinked(); + + /// @dev The function selector is not recognized. + error FnSelectorNotRecognized(); + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* STORAGE */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Struct contain the NFT mirror contract storage. + struct DN404NFTStorage { + // Address of the ERC20 base contract. + address baseERC20; + // The deployer, if provided. If non-zero, the initialization of the + // ERC20 <-> ERC721 link can only be done be the deployer via the ERC20 base contract. + address deployer; + // The owner of the ERC20 base contract. For marketplace signaling. + address owner; + } + + /// @dev Returns a storage pointer for DN404NFTStorage. + function _getDN404NFTStorage() internal pure virtual returns (DN404NFTStorage storage $) { + /// @solidity memory-safe-assembly + assembly { + // `uint72(bytes9(keccak256("DN404_MIRROR_STORAGE")))`. + $.slot := 0x3602298b8c10b01230 // Truncate to 9 bytes to reduce bytecode size. + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* CONSTRUCTOR */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + constructor(address deployer) { + // For non-proxies, we will store the deployer so that only the deployer can + // link the base contract. + _getDN404NFTStorage().deployer = deployer; + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* ERC721 OPERATIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns the token collection name from the base DN404 contract. + function name() public view virtual returns (string memory) { + return _readString(0x06fdde03, 0); // `name()`. + } + + /// @dev Returns the token collection symbol from the base DN404 contract. + function symbol() public view virtual returns (string memory) { + return _readString(0x95d89b41, 0); // `symbol()`. + } + + /// @dev Returns the Uniform Resource Identifier (URI) for token `id` from + /// the base DN404 contract. + function tokenURI(uint256 id) public view virtual returns (string memory) { + return _readString(0xc87b56dd, id); // `tokenURI()`. + } + + /// @dev Returns the total NFT supply from the base DN404 contract. + function totalSupply() public view virtual returns (uint256) { + return _readWord(0xe2c79281, 0, 0); // `totalNFTSupply()`. + } + + /// @dev Returns the number of NFT tokens owned by `nftOwner` from the base DN404 contract. + /// + /// Requirements: + /// - `nftOwner` must not be the zero address. + function balanceOf(address nftOwner) public view virtual returns (uint256) { + return _readWord(0xf5b100ea, uint160(nftOwner), 0); // `balanceOfNFT(address)`. + } + + /// @dev Returns the owner of token `id` from the base DN404 contract. + /// + /// Requirements: + /// - Token `id` must exist. + function ownerOf(uint256 id) public view virtual returns (address) { + return address(uint160(_readWord(0x6352211e, id, 0))); // `ownerOf(uint256)`. + } + + /// @dev Returns the owner of token `id` from the base DN404 contract. + /// Returns `address(0)` instead of reverting if the token does not exist. + function ownerAt(uint256 id) public view virtual returns (address) { + return address(uint160(_readWord(0x24359879, id, 0))); // `ownerAt(uint256)`. + } + + /// @dev Sets `spender` as the approved account to manage token `id` in + /// the base DN404 contract. + /// + /// Requirements: + /// - Token `id` must exist. + /// - The caller must be the owner of the token, + /// or an approved operator for the token owner. + /// + /// Emits an {Approval} event. + function approve(address spender, uint256 id) public payable virtual { + address base = baseERC20(); + /// @solidity memory-safe-assembly + assembly { + spender := shr(96, shl(96, spender)) + let m := mload(0x40) + mstore(0x00, 0xd10b6e0c) // `approveNFT(address,uint256,address)`. + mstore(0x20, spender) + mstore(0x40, id) + mstore(0x60, caller()) + if iszero( + and( // Arguments of `and` are evaluated last to first. + gt(returndatasize(), 0x1f), // The call must return at least 32 bytes. + call(gas(), base, callvalue(), 0x1c, 0x64, 0x00, 0x20) + ) + ) { + returndatacopy(m, 0x00, returndatasize()) + revert(m, returndatasize()) + } + mstore(0x40, m) // Restore the free memory pointer. + mstore(0x60, 0) // Restore the zero pointer. + // Emit the {Approval} event. + log4(codesize(), 0x00, _APPROVAL_EVENT_SIGNATURE, shr(96, mload(0x0c)), spender, id) + } + } + + /// @dev Returns the account approved to manage token `id` from + /// the base DN404 contract. + /// + /// Requirements: + /// - Token `id` must exist. + function getApproved(uint256 id) public view virtual returns (address) { + return address(uint160(_readWord(0x081812fc, id, 0))); // `getApproved(uint256)`. + } + + /// @dev Sets whether `operator` is approved to manage the tokens of the caller in + /// the base DN404 contract. + /// + /// Emits an {ApprovalForAll} event. + function setApprovalForAll(address operator, bool approved) public virtual { + address base = baseERC20(); + /// @solidity memory-safe-assembly + assembly { + operator := shr(96, shl(96, operator)) + let m := mload(0x40) + mstore(0x00, 0x813500fc) // `setApprovalForAll(address,bool,address)`. + mstore(0x20, operator) + mstore(0x40, iszero(iszero(approved))) + mstore(0x60, caller()) + if iszero( + and( // Arguments of `and` are evaluated last to first. + eq(mload(0x00), 1), // The call must return 1. + call(gas(), base, callvalue(), 0x1c, 0x64, 0x00, 0x20) + ) + ) { + returndatacopy(m, 0x00, returndatasize()) + revert(m, returndatasize()) + } + // Emit the {ApprovalForAll} event. + // The `approved` value is already at 0x40. + log3(0x40, 0x20, _APPROVAL_FOR_ALL_EVENT_SIGNATURE, caller(), operator) + mstore(0x40, m) // Restore the free memory pointer. + mstore(0x60, 0) // Restore the zero pointer. + } + } + + /// @dev Returns whether `operator` is approved to manage the tokens of `nftOwner` from + /// the base DN404 contract. + function isApprovedForAll(address nftOwner, address operator) + public + view + virtual + returns (bool) + { + // `isApprovedForAll(address,address)`. + return _readWord(0xe985e9c5, uint160(nftOwner), uint160(operator)) != 0; + } + + /// @dev Transfers token `id` from `from` to `to`. + /// + /// Requirements: + /// + /// - Token `id` must exist. + /// - `from` must be the owner of the token. + /// - `to` cannot be the zero address. + /// - The caller must be the owner of the token, or be approved to manage the token. + /// + /// Emits a {Transfer} event. + function transferFrom(address from, address to, uint256 id) public payable virtual { + address base = baseERC20(); + /// @solidity memory-safe-assembly + assembly { + from := shr(96, shl(96, from)) + to := shr(96, shl(96, to)) + let m := mload(0x40) + mstore(m, 0xe5eb36c8) // `transferFromNFT(address,address,uint256,address)`. + mstore(add(m, 0x20), from) + mstore(add(m, 0x40), to) + mstore(add(m, 0x60), id) + mstore(add(m, 0x80), caller()) + if iszero( + and( // Arguments of `and` are evaluated last to first. + eq(mload(m), 1), // The call must return 1. + call(gas(), base, callvalue(), add(m, 0x1c), 0x84, m, 0x20) + ) + ) { + returndatacopy(m, 0x00, returndatasize()) + revert(m, returndatasize()) + } + // Emit the {Transfer} event. + log4(codesize(), 0x00, _TRANSFER_EVENT_SIGNATURE, from, to, id) + } + } + + /// @dev Equivalent to `safeTransferFrom(from, to, id, "")`. + function safeTransferFrom(address from, address to, uint256 id) public payable virtual { + transferFrom(from, to, id); + if (_hasCode(to)) _checkOnERC721Received(from, to, id, ""); + } + + /// @dev Transfers token `id` from `from` to `to`. + /// + /// Requirements: + /// + /// - Token `id` must exist. + /// - `from` must be the owner of the token. + /// - `to` cannot be the zero address. + /// - The caller must be the owner of the token, or be approved to manage the token. + /// - If `to` refers to a smart contract, it must implement + /// {IERC721Receiver-onERC721Received}, which is called upon a safe transfer. + /// + /// Emits a {Transfer} event. + function safeTransferFrom(address from, address to, uint256 id, bytes calldata data) + public + payable + virtual + { + transferFrom(from, to, id); + if (_hasCode(to)) _checkOnERC721Received(from, to, id, data); + } + + /// @dev Returns true if this contract implements the interface defined by `interfaceId`. + /// See: https://eips.ethereum.org/EIPS/eip-165 + /// This function call must use less than 30000 gas. + function supportsInterface(bytes4 interfaceId) public view virtual returns (bool result) { + /// @solidity memory-safe-assembly + assembly { + let s := shr(224, interfaceId) + // ERC165: 0x01ffc9a7, ERC721: 0x80ac58cd, ERC721Metadata: 0x5b5e139f. + result := or(or(eq(s, 0x01ffc9a7), eq(s, 0x80ac58cd)), eq(s, 0x5b5e139f)) + } + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* OWNER SYNCING OPERATIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns the `owner` of the contract, for marketplace signaling purposes. + function owner() public view virtual returns (address) { + return _getDN404NFTStorage().owner; + } + + /// @dev Permissionless function to pull the owner from the base DN404 contract + /// if it implements ownable, for marketplace signaling purposes. + function pullOwner() public virtual returns (bool) { + address newOwner; + address base = baseERC20(); + /// @solidity memory-safe-assembly + assembly { + mstore(0x00, 0x8da5cb5b) // `owner()`. + let success := staticcall(gas(), base, 0x1c, 0x04, 0x00, 0x20) + newOwner := mul(shr(96, mload(0x0c)), and(gt(returndatasize(), 0x1f), success)) + } + DN404NFTStorage storage $ = _getDN404NFTStorage(); + address oldOwner = $.owner; + if (oldOwner != newOwner) { + $.owner = newOwner; + emit OwnershipTransferred(oldOwner, newOwner); + } + return true; + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* MIRROR OPERATIONS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Returns the address of the base DN404 contract. + function baseERC20() public view virtual returns (address base) { + base = _getDN404NFTStorage().baseERC20; + if (base == address(0)) revert NotLinked(); + } + + /// @dev Fallback modifier to execute calls from the base DN404 contract. + modifier dn404NFTFallback() virtual { + DN404NFTStorage storage $ = _getDN404NFTStorage(); + + uint256 fnSelector = _calldataload(0x00) >> 224; + + // `logTransfer(uint256[])`. + if (fnSelector == 0x263c69d6) { + if (msg.sender != $.baseERC20) revert SenderNotBase(); + /// @solidity memory-safe-assembly + assembly { + let o := add(0x24, calldataload(0x04)) // Packed logs offset. + let end := add(o, shl(5, calldataload(sub(o, 0x20)))) + for {} iszero(eq(o, end)) { o := add(0x20, o) } { + let d := calldataload(o) // Entry in the packed logs. + let a := shr(96, d) // The address. + let b := and(1, d) // Whether it is a burn. + log4( + codesize(), + 0x00, + _TRANSFER_EVENT_SIGNATURE, + mul(a, b), // `from`. + mul(a, iszero(b)), // `to`. + shr(168, shl(160, d)) // `id`. + ) + } + mstore(0x00, 0x01) + return(0x00, 0x20) + } + } + // `logDirectTransfer(address,address,uint256[])`. + if (fnSelector == 0x144027d3) { + if (msg.sender != $.baseERC20) revert SenderNotBase(); + /// @solidity memory-safe-assembly + assembly { + let from := calldataload(0x04) + let to := calldataload(0x24) + let o := add(0x24, calldataload(0x44)) // Direct logs offset. + let end := add(o, shl(5, calldataload(sub(o, 0x20)))) + for {} iszero(eq(o, end)) { o := add(0x20, o) } { + log4(codesize(), 0x00, _TRANSFER_EVENT_SIGNATURE, from, to, calldataload(o)) + } + mstore(0x00, 0x01) + return(0x00, 0x20) + } + } + // `linkMirrorContract(address)`. + if (fnSelector == 0x0f4599e5) { + if ($.deployer != address(0)) { + if (address(uint160(_calldataload(0x04))) != $.deployer) { + revert SenderNotDeployer(); + } + } + if ($.baseERC20 != address(0)) revert AlreadyLinked(); + $.baseERC20 = msg.sender; + /// @solidity memory-safe-assembly + assembly { + mstore(0x00, 0x01) + return(0x00, 0x20) + } + } + _; + } + + /// @dev Fallback function for calls from base DN404 contract. + /// Override this if you need to implement your custom + /// fallback with utilities like Solady's `LibZip.cdFallback()`. + /// And always remember to always wrap the fallback with `dn404NFTFallback`. + fallback() external payable virtual dn404NFTFallback { + revert FnSelectorNotRecognized(); // Not mandatory. Just for quality of life. + } + + /// @dev This is to silence the compiler warning. + /// Override and remove the revert if you want your contract to receive ETH via receive. + receive() external payable virtual { + if (msg.value != 0) revert(); + } + + /*«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-«-*/ + /* PRIVATE HELPERS */ + /*-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»-»*/ + + /// @dev Helper to read a string from the base DN404 contract. + function _readString(uint256 fnSelector, uint256 arg0) + private + view + returns (string memory result) + { + address base = baseERC20(); + /// @solidity memory-safe-assembly + assembly { + result := mload(0x40) + mstore(0x00, fnSelector) + mstore(0x20, arg0) + if iszero(staticcall(gas(), base, 0x1c, 0x24, 0x00, 0x00)) { + returndatacopy(result, 0x00, returndatasize()) + revert(result, returndatasize()) + } + returndatacopy(0x00, 0x00, 0x20) // Copy the offset of the string in returndata. + returndatacopy(result, mload(0x00), 0x20) // Copy the length of the string. + returndatacopy(add(result, 0x20), add(mload(0x00), 0x20), mload(result)) // Copy the string. + let end := add(add(result, 0x20), mload(result)) + mstore(end, 0) // Zeroize the word after the string. + mstore(0x40, add(end, 0x20)) // Allocate memory. + } + } + + /// @dev Helper to read a word from the base DN404 contract. + function _readWord(uint256 fnSelector, uint256 arg0, uint256 arg1) + private + view + returns (uint256 result) + { + address base = baseERC20(); + /// @solidity memory-safe-assembly + assembly { + let m := mload(0x40) + mstore(0x00, fnSelector) + mstore(0x20, arg0) + mstore(0x40, arg1) + if iszero( + and( // Arguments of `and` are evaluated last to first. + gt(returndatasize(), 0x1f), // The call must return at least 32 bytes. + staticcall(gas(), base, 0x1c, 0x44, 0x00, 0x20) + ) + ) { + returndatacopy(m, 0x00, returndatasize()) + revert(m, returndatasize()) + } + mstore(0x40, m) // Restore the free memory pointer. + result := mload(0x00) + } + } + + /// @dev Returns the calldata value at `offset`. + function _calldataload(uint256 offset) private pure returns (uint256 value) { + /// @solidity memory-safe-assembly + assembly { + value := calldataload(offset) + } + } + + /// @dev Returns if `a` has bytecode of non-zero length. + function _hasCode(address a) private view returns (bool result) { + /// @solidity memory-safe-assembly + assembly { + result := extcodesize(a) // Can handle dirty upper bits. + } + } + + /// @dev Perform a call to invoke {IERC721Receiver-onERC721Received} on `to`. + /// Reverts if the target does not support the function correctly. + function _checkOnERC721Received(address from, address to, uint256 id, bytes memory data) + private + { + /// @solidity memory-safe-assembly + assembly { + // Prepare the calldata. + let m := mload(0x40) + let onERC721ReceivedSelector := 0x150b7a02 + mstore(m, onERC721ReceivedSelector) + mstore(add(m, 0x20), caller()) // The `operator`, which is always `msg.sender`. + mstore(add(m, 0x40), shr(96, shl(96, from))) + mstore(add(m, 0x60), id) + mstore(add(m, 0x80), 0x80) + let n := mload(data) + mstore(add(m, 0xa0), n) + if n { pop(staticcall(gas(), 4, add(data, 0x20), n, add(m, 0xc0), n)) } + // Revert if the call reverts. + if iszero(call(gas(), to, 0, add(m, 0x1c), add(n, 0xa4), m, 0x20)) { + if returndatasize() { + // Bubble up the revert if the call reverts. + returndatacopy(m, 0x00, returndatasize()) + revert(m, returndatasize()) + } + } + // Load the returndata and compare it. + if iszero(eq(mload(m), shl(224, onERC721ReceivedSelector))) { + mstore(0x00, 0xd1a57ed6) // `TransferToNonERC721ReceiverImplementer()`. + revert(0x1c, 0x04) + } + } + } +} + +abstract contract Ownable { + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* CUSTOM ERRORS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev The caller is not authorized to call the function. + error Unauthorized(); + + /// @dev The `newOwner` cannot be the zero address. + error NewOwnerIsZeroAddress(); + + /// @dev The `pendingOwner` does not have a valid handover request. + error NoHandoverRequest(); + + /// @dev Cannot double-initialize. + error AlreadyInitialized(); + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* EVENTS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev The ownership is transferred from `oldOwner` to `newOwner`. + /// This event is intentionally kept the same as OpenZeppelin's Ownable to be + /// compatible with indexers and [EIP-173](https://eips.ethereum.org/EIPS/eip-173), + /// despite it not being as lightweight as a single argument event. + event OwnershipTransferred(address indexed oldOwner, address indexed newOwner); + + /// @dev An ownership handover to `pendingOwner` has been requested. + event OwnershipHandoverRequested(address indexed pendingOwner); + + /// @dev The ownership handover to `pendingOwner` has been canceled. + event OwnershipHandoverCanceled(address indexed pendingOwner); + + /// @dev `keccak256(bytes("OwnershipTransferred(address,address)"))`. + uint256 private constant _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE = + 0x8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0; + + /// @dev `keccak256(bytes("OwnershipHandoverRequested(address)"))`. + uint256 private constant _OWNERSHIP_HANDOVER_REQUESTED_EVENT_SIGNATURE = + 0xdbf36a107da19e49527a7176a1babf963b4b0ff8cde35ee35d6cd8f1f9ac7e1d; + + /// @dev `keccak256(bytes("OwnershipHandoverCanceled(address)"))`. + uint256 private constant _OWNERSHIP_HANDOVER_CANCELED_EVENT_SIGNATURE = + 0xfa7b8eab7da67f412cc9575ed43464468f9bfbae89d1675917346ca6d8fe3c92; + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* STORAGE */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev The owner slot is given by: + /// `bytes32(~uint256(uint32(bytes4(keccak256("_OWNER_SLOT_NOT")))))`. + /// It is intentionally chosen to be a high value + /// to avoid collision with lower slots. + /// The choice of manual storage layout is to enable compatibility + /// with both regular and upgradeable contracts. + bytes32 internal constant _OWNER_SLOT = + 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffff74873927; + + /// The ownership handover slot of `newOwner` is given by: + /// ``` + /// mstore(0x00, or(shl(96, user), _HANDOVER_SLOT_SEED)) + /// let handoverSlot := keccak256(0x00, 0x20) + /// ``` + /// It stores the expiry timestamp of the two-step ownership handover. + uint256 private constant _HANDOVER_SLOT_SEED = 0x389a75e1; + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* INTERNAL FUNCTIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Override to return true to make `_initializeOwner` prevent double-initialization. + function _guardInitializeOwner() internal pure virtual returns (bool guard) {} + + /// @dev Initializes the owner directly without authorization guard. + /// This function must be called upon initialization, + /// regardless of whether the contract is upgradeable or not. + /// This is to enable generalization to both regular and upgradeable contracts, + /// and to save gas in case the initial owner is not the caller. + /// For performance reasons, this function will not check if there + /// is an existing owner. + function _initializeOwner(address newOwner) internal virtual { + if (_guardInitializeOwner()) { + /// @solidity memory-safe-assembly + assembly { + let ownerSlot := _OWNER_SLOT + if sload(ownerSlot) { + mstore(0x00, 0x0dc149f0) // `AlreadyInitialized()`. + revert(0x1c, 0x04) + } + // Clean the upper 96 bits. + newOwner := shr(96, shl(96, newOwner)) + // Store the new value. + sstore(ownerSlot, or(newOwner, shl(255, iszero(newOwner)))) + // Emit the {OwnershipTransferred} event. + log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, 0, newOwner) + } + } else { + /// @solidity memory-safe-assembly + assembly { + // Clean the upper 96 bits. + newOwner := shr(96, shl(96, newOwner)) + // Store the new value. + sstore(_OWNER_SLOT, newOwner) + // Emit the {OwnershipTransferred} event. + log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, 0, newOwner) + } + } + } + + /// @dev Sets the owner directly without authorization guard. + function _setOwner(address newOwner) internal virtual { + if (_guardInitializeOwner()) { + /// @solidity memory-safe-assembly + assembly { + let ownerSlot := _OWNER_SLOT + // Clean the upper 96 bits. + newOwner := shr(96, shl(96, newOwner)) + // Emit the {OwnershipTransferred} event. + log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, sload(ownerSlot), newOwner) + // Store the new value. + sstore(ownerSlot, or(newOwner, shl(255, iszero(newOwner)))) + } + } else { + /// @solidity memory-safe-assembly + assembly { + let ownerSlot := _OWNER_SLOT + // Clean the upper 96 bits. + newOwner := shr(96, shl(96, newOwner)) + // Emit the {OwnershipTransferred} event. + log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, sload(ownerSlot), newOwner) + // Store the new value. + sstore(ownerSlot, newOwner) + } + } + } + + /// @dev Throws if the sender is not the owner. + function _checkOwner() internal view virtual { + /// @solidity memory-safe-assembly + assembly { + // If the caller is not the stored owner, revert. + if iszero(eq(caller(), sload(_OWNER_SLOT))) { + mstore(0x00, 0x82b42900) // `Unauthorized()`. + revert(0x1c, 0x04) + } + } + } + + /// @dev Returns how long a two-step ownership handover is valid for in seconds. + /// Override to return a different value if needed. + /// Made internal to conserve bytecode. Wrap it in a public function if needed. + function _ownershipHandoverValidFor() internal view virtual returns (uint64) { + return 48 * 3600; + } + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* PUBLIC UPDATE FUNCTIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Allows the owner to transfer the ownership to `newOwner`. + function transferOwnership(address newOwner) public payable virtual onlyOwner { + /// @solidity memory-safe-assembly + assembly { + if iszero(shl(96, newOwner)) { + mstore(0x00, 0x7448fbae) // `NewOwnerIsZeroAddress()`. + revert(0x1c, 0x04) + } + } + _setOwner(newOwner); + } + + /// @dev Allows the owner to renounce their ownership. + function renounceOwnership() public payable virtual onlyOwner { + _setOwner(address(0)); + } + + /// @dev Request a two-step ownership handover to the caller. + /// The request will automatically expire in 48 hours (172800 seconds) by default. + function requestOwnershipHandover() public payable virtual { + unchecked { + uint256 expires = block.timestamp + _ownershipHandoverValidFor(); + /// @solidity memory-safe-assembly + assembly { + // Compute and set the handover slot to `expires`. + mstore(0x0c, _HANDOVER_SLOT_SEED) + mstore(0x00, caller()) + sstore(keccak256(0x0c, 0x20), expires) + // Emit the {OwnershipHandoverRequested} event. + log2(0, 0, _OWNERSHIP_HANDOVER_REQUESTED_EVENT_SIGNATURE, caller()) + } + } + } + + /// @dev Cancels the two-step ownership handover to the caller, if any. + function cancelOwnershipHandover() public payable virtual { + /// @solidity memory-safe-assembly + assembly { + // Compute and set the handover slot to 0. + mstore(0x0c, _HANDOVER_SLOT_SEED) + mstore(0x00, caller()) + sstore(keccak256(0x0c, 0x20), 0) + // Emit the {OwnershipHandoverCanceled} event. + log2(0, 0, _OWNERSHIP_HANDOVER_CANCELED_EVENT_SIGNATURE, caller()) + } + } + + /// @dev Allows the owner to complete the two-step ownership handover to `pendingOwner`. + /// Reverts if there is no existing ownership handover requested by `pendingOwner`. + function completeOwnershipHandover(address pendingOwner) public payable virtual onlyOwner { + /// @solidity memory-safe-assembly + assembly { + // Compute and set the handover slot to 0. + mstore(0x0c, _HANDOVER_SLOT_SEED) + mstore(0x00, pendingOwner) + let handoverSlot := keccak256(0x0c, 0x20) + // If the handover does not exist, or has expired. + if gt(timestamp(), sload(handoverSlot)) { + mstore(0x00, 0x6f5e8818) // `NoHandoverRequest()`. + revert(0x1c, 0x04) + } + // Set the handover slot to 0. + sstore(handoverSlot, 0) + } + _setOwner(pendingOwner); + } + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* PUBLIC READ FUNCTIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Returns the owner of the contract. + function owner() public view virtual returns (address result) { + /// @solidity memory-safe-assembly + assembly { + result := sload(_OWNER_SLOT) + } + } + + /// @dev Returns the expiry timestamp for the two-step ownership handover to `pendingOwner`. + function ownershipHandoverExpiresAt(address pendingOwner) + public + view + virtual + returns (uint256 result) + { + /// @solidity memory-safe-assembly + assembly { + // Compute the handover slot. + mstore(0x0c, _HANDOVER_SLOT_SEED) + mstore(0x00, pendingOwner) + // Load the handover slot. + result := sload(keccak256(0x0c, 0x20)) + } + } + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* MODIFIERS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Marks a function as only callable by the owner. + modifier onlyOwner() virtual { + _checkOwner(); + _; + } +} + +library LibString { + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* CUSTOM ERRORS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev The length of the output is too small to contain all the hex digits. + error HexLengthInsufficient(); + + /// @dev The length of the string is more than 32 bytes. + error TooBigForSmallString(); + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* CONSTANTS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev The constant returned when the `search` is not found in the string. + uint256 internal constant NOT_FOUND = type(uint256).max; + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* DECIMAL OPERATIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Returns the base 10 decimal representation of `value`. + function toString(uint256 value) internal pure returns (string memory str) { + /// @solidity memory-safe-assembly + assembly { + // The maximum value of a uint256 contains 78 digits (1 byte per digit), but + // we allocate 0xa0 bytes to keep the free memory pointer 32-byte word aligned. + // We will need 1 word for the trailing zeros padding, 1 word for the length, + // and 3 words for a maximum of 78 digits. + str := add(mload(0x40), 0x80) + // Update the free memory pointer to allocate. + mstore(0x40, add(str, 0x20)) + // Zeroize the slot after the string. + mstore(str, 0) + + // Cache the end of the memory to calculate the length later. + let end := str + + let w := not(0) // Tsk. + // We write the string from rightmost digit to leftmost digit. + // The following is essentially a do-while loop that also handles the zero case. + for { let temp := value } 1 {} { + str := add(str, w) // `sub(str, 1)`. + // Write the character to the pointer. + // The ASCII index of the '0' character is 48. + mstore8(str, add(48, mod(temp, 10))) + // Keep dividing `temp` until zero. + temp := div(temp, 10) + if iszero(temp) { break } + } + + let length := sub(end, str) + // Move the pointer 32 bytes leftwards to make room for the length. + str := sub(str, 0x20) + // Store the length. + mstore(str, length) + } + } + + /// @dev Returns the base 10 decimal representation of `value`. + function toString(int256 value) internal pure returns (string memory str) { + if (value >= 0) { + return toString(uint256(value)); + } + unchecked { + str = toString(~uint256(value) + 1); + } + /// @solidity memory-safe-assembly + assembly { + // We still have some spare memory space on the left, + // as we have allocated 3 words (96 bytes) for up to 78 digits. + let length := mload(str) // Load the string length. + mstore(str, 0x2d) // Store the '-' character. + str := sub(str, 1) // Move back the string pointer by a byte. + mstore(str, add(length, 1)) // Update the string length. + } + } + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* HEXADECIMAL OPERATIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Returns the hexadecimal representation of `value`, + /// left-padded to an input length of `length` bytes. + /// The output is prefixed with "0x" encoded using 2 hexadecimal digits per byte, + /// giving a total length of `length * 2 + 2` bytes. + /// Reverts if `length` is too small for the output to contain all the digits. + function toHexString(uint256 value, uint256 length) internal pure returns (string memory str) { + str = toHexStringNoPrefix(value, length); + /// @solidity memory-safe-assembly + assembly { + let strLength := add(mload(str), 2) // Compute the length. + mstore(str, 0x3078) // Write the "0x" prefix. + str := sub(str, 2) // Move the pointer. + mstore(str, strLength) // Write the length. + } + } + + /// @dev Returns the hexadecimal representation of `value`, + /// left-padded to an input length of `length` bytes. + /// The output is prefixed with "0x" encoded using 2 hexadecimal digits per byte, + /// giving a total length of `length * 2` bytes. + /// Reverts if `length` is too small for the output to contain all the digits. + function toHexStringNoPrefix(uint256 value, uint256 length) + internal + pure + returns (string memory str) + { + /// @solidity memory-safe-assembly + assembly { + // We need 0x20 bytes for the trailing zeros padding, `length * 2` bytes + // for the digits, 0x02 bytes for the prefix, and 0x20 bytes for the length. + // We add 0x20 to the total and round down to a multiple of 0x20. + // (0x20 + 0x20 + 0x02 + 0x20) = 0x62. + str := add(mload(0x40), and(add(shl(1, length), 0x42), not(0x1f))) + // Allocate the memory. + mstore(0x40, add(str, 0x20)) + // Zeroize the slot after the string. + mstore(str, 0) + + // Cache the end to calculate the length later. + let end := str + // Store "0123456789abcdef" in scratch space. + mstore(0x0f, 0x30313233343536373839616263646566) + + let start := sub(str, add(length, length)) + let w := not(1) // Tsk. + let temp := value + // We write the string from rightmost digit to leftmost digit. + // The following is essentially a do-while loop that also handles the zero case. + for {} 1 {} { + str := add(str, w) // `sub(str, 2)`. + mstore8(add(str, 1), mload(and(temp, 15))) + mstore8(str, mload(and(shr(4, temp), 15))) + temp := shr(8, temp) + if iszero(xor(str, start)) { break } + } + + if temp { + mstore(0x00, 0x2194895a) // `HexLengthInsufficient()`. + revert(0x1c, 0x04) + } + + // Compute the string's length. + let strLength := sub(end, str) + // Move the pointer and write the length. + str := sub(str, 0x20) + mstore(str, strLength) + } + } + + /// @dev Returns the hexadecimal representation of `value`. + /// The output is prefixed with "0x" and encoded using 2 hexadecimal digits per byte. + /// As address are 20 bytes long, the output will left-padded to have + /// a length of `20 * 2 + 2` bytes. + function toHexString(uint256 value) internal pure returns (string memory str) { + str = toHexStringNoPrefix(value); + /// @solidity memory-safe-assembly + assembly { + let strLength := add(mload(str), 2) // Compute the length. + mstore(str, 0x3078) // Write the "0x" prefix. + str := sub(str, 2) // Move the pointer. + mstore(str, strLength) // Write the length. + } + } + + /// @dev Returns the hexadecimal representation of `value`. + /// The output is prefixed with "0x". + /// The output excludes leading "0" from the `toHexString` output. + /// `0x00: "0x0", 0x01: "0x1", 0x12: "0x12", 0x123: "0x123"`. + function toMinimalHexString(uint256 value) internal pure returns (string memory str) { + str = toHexStringNoPrefix(value); + /// @solidity memory-safe-assembly + assembly { + let o := eq(byte(0, mload(add(str, 0x20))), 0x30) // Whether leading zero is present. + let strLength := add(mload(str), 2) // Compute the length. + mstore(add(str, o), 0x3078) // Write the "0x" prefix, accounting for leading zero. + str := sub(add(str, o), 2) // Move the pointer, accounting for leading zero. + mstore(str, sub(strLength, o)) // Write the length, accounting for leading zero. + } + } + + /// @dev Returns the hexadecimal representation of `value`. + /// The output excludes leading "0" from the `toHexStringNoPrefix` output. + /// `0x00: "0", 0x01: "1", 0x12: "12", 0x123: "123"`. + function toMinimalHexStringNoPrefix(uint256 value) internal pure returns (string memory str) { + str = toHexStringNoPrefix(value); + /// @solidity memory-safe-assembly + assembly { + let o := eq(byte(0, mload(add(str, 0x20))), 0x30) // Whether leading zero is present. + let strLength := mload(str) // Get the length. + str := add(str, o) // Move the pointer, accounting for leading zero. + mstore(str, sub(strLength, o)) // Write the length, accounting for leading zero. + } + } + + /// @dev Returns the hexadecimal representation of `value`. + /// The output is encoded using 2 hexadecimal digits per byte. + /// As address are 20 bytes long, the output will left-padded to have + /// a length of `20 * 2` bytes. + function toHexStringNoPrefix(uint256 value) internal pure returns (string memory str) { + /// @solidity memory-safe-assembly + assembly { + // We need 0x20 bytes for the trailing zeros padding, 0x20 bytes for the length, + // 0x02 bytes for the prefix, and 0x40 bytes for the digits. + // The next multiple of 0x20 above (0x20 + 0x20 + 0x02 + 0x40) is 0xa0. + str := add(mload(0x40), 0x80) + // Allocate the memory. + mstore(0x40, add(str, 0x20)) + // Zeroize the slot after the string. + mstore(str, 0) + + // Cache the end to calculate the length later. + let end := str + // Store "0123456789abcdef" in scratch space. + mstore(0x0f, 0x30313233343536373839616263646566) + + let w := not(1) // Tsk. + // We write the string from rightmost digit to leftmost digit. + // The following is essentially a do-while loop that also handles the zero case. + for { let temp := value } 1 {} { + str := add(str, w) // `sub(str, 2)`. + mstore8(add(str, 1), mload(and(temp, 15))) + mstore8(str, mload(and(shr(4, temp), 15))) + temp := shr(8, temp) + if iszero(temp) { break } + } + + // Compute the string's length. + let strLength := sub(end, str) + // Move the pointer and write the length. + str := sub(str, 0x20) + mstore(str, strLength) + } + } + + /// @dev Returns the hexadecimal representation of `value`. + /// The output is prefixed with "0x", encoded using 2 hexadecimal digits per byte, + /// and the alphabets are capitalized conditionally according to + /// https://eips.ethereum.org/EIPS/eip-55 + function toHexStringChecksummed(address value) internal pure returns (string memory str) { + str = toHexString(value); + /// @solidity memory-safe-assembly + assembly { + let mask := shl(6, div(not(0), 255)) // `0b010000000100000000 ...` + let o := add(str, 0x22) + let hashed := and(keccak256(o, 40), mul(34, mask)) // `0b10001000 ... ` + let t := shl(240, 136) // `0b10001000 << 240` + for { let i := 0 } 1 {} { + mstore(add(i, i), mul(t, byte(i, hashed))) + i := add(i, 1) + if eq(i, 20) { break } + } + mstore(o, xor(mload(o), shr(1, and(mload(0x00), and(mload(o), mask))))) + o := add(o, 0x20) + mstore(o, xor(mload(o), shr(1, and(mload(0x20), and(mload(o), mask))))) + } + } + + /// @dev Returns the hexadecimal representation of `value`. + /// The output is prefixed with "0x" and encoded using 2 hexadecimal digits per byte. + function toHexString(address value) internal pure returns (string memory str) { + str = toHexStringNoPrefix(value); + /// @solidity memory-safe-assembly + assembly { + let strLength := add(mload(str), 2) // Compute the length. + mstore(str, 0x3078) // Write the "0x" prefix. + str := sub(str, 2) // Move the pointer. + mstore(str, strLength) // Write the length. + } + } + + /// @dev Returns the hexadecimal representation of `value`. + /// The output is encoded using 2 hexadecimal digits per byte. + function toHexStringNoPrefix(address value) internal pure returns (string memory str) { + /// @solidity memory-safe-assembly + assembly { + str := mload(0x40) + + // Allocate the memory. + // We need 0x20 bytes for the trailing zeros padding, 0x20 bytes for the length, + // 0x02 bytes for the prefix, and 0x28 bytes for the digits. + // The next multiple of 0x20 above (0x20 + 0x20 + 0x02 + 0x28) is 0x80. + mstore(0x40, add(str, 0x80)) + + // Store "0123456789abcdef" in scratch space. + mstore(0x0f, 0x30313233343536373839616263646566) + + str := add(str, 2) + mstore(str, 40) + + let o := add(str, 0x20) + mstore(add(o, 40), 0) + + value := shl(96, value) + + // We write the string from rightmost digit to leftmost digit. + // The following is essentially a do-while loop that also handles the zero case. + for { let i := 0 } 1 {} { + let p := add(o, add(i, i)) + let temp := byte(i, value) + mstore8(add(p, 1), mload(and(temp, 15))) + mstore8(p, mload(shr(4, temp))) + i := add(i, 1) + if eq(i, 20) { break } + } + } + } + + /// @dev Returns the hex encoded string from the raw bytes. + /// The output is encoded using 2 hexadecimal digits per byte. + function toHexString(bytes memory raw) internal pure returns (string memory str) { + str = toHexStringNoPrefix(raw); + /// @solidity memory-safe-assembly + assembly { + let strLength := add(mload(str), 2) // Compute the length. + mstore(str, 0x3078) // Write the "0x" prefix. + str := sub(str, 2) // Move the pointer. + mstore(str, strLength) // Write the length. + } + } + + /// @dev Returns the hex encoded string from the raw bytes. + /// The output is encoded using 2 hexadecimal digits per byte. + function toHexStringNoPrefix(bytes memory raw) internal pure returns (string memory str) { + /// @solidity memory-safe-assembly + assembly { + let length := mload(raw) + str := add(mload(0x40), 2) // Skip 2 bytes for the optional prefix. + mstore(str, add(length, length)) // Store the length of the output. + + // Store "0123456789abcdef" in scratch space. + mstore(0x0f, 0x30313233343536373839616263646566) + + let o := add(str, 0x20) + let end := add(raw, length) + + for {} iszero(eq(raw, end)) {} { + raw := add(raw, 1) + mstore8(add(o, 1), mload(and(mload(raw), 15))) + mstore8(o, mload(and(shr(4, mload(raw)), 15))) + o := add(o, 2) + } + mstore(o, 0) // Zeroize the slot after the string. + mstore(0x40, add(o, 0x20)) // Allocate the memory. + } + } + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* RUNE STRING OPERATIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Returns the number of UTF characters in the string. + function runeCount(string memory s) internal pure returns (uint256 result) { + /// @solidity memory-safe-assembly + assembly { + if mload(s) { + mstore(0x00, div(not(0), 255)) + mstore(0x20, 0x0202020202020202020202020202020202020202020202020303030304040506) + let o := add(s, 0x20) + let end := add(o, mload(s)) + for { result := 1 } 1 { result := add(result, 1) } { + o := add(o, byte(0, mload(shr(250, mload(o))))) + if iszero(lt(o, end)) { break } + } + } + } + } + + /// @dev Returns if this string is a 7-bit ASCII string. + /// (i.e. all characters codes are in [0..127]) + function is7BitASCII(string memory s) internal pure returns (bool result) { + /// @solidity memory-safe-assembly + assembly { + let mask := shl(7, div(not(0), 255)) + result := 1 + let n := mload(s) + if n { + let o := add(s, 0x20) + let end := add(o, n) + let last := mload(end) + mstore(end, 0) + for {} 1 {} { + if and(mask, mload(o)) { + result := 0 + break + } + o := add(o, 0x20) + if iszero(lt(o, end)) { break } + } + mstore(end, last) + } + } + } + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* BYTE STRING OPERATIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + // For performance and bytecode compactness, byte string operations are restricted + // to 7-bit ASCII strings. All offsets are byte offsets, not UTF character offsets. + // Usage of byte string operations on charsets with runes spanning two or more bytes + // can lead to undefined behavior. + + /// @dev Returns `subject` all occurrences of `search` replaced with `replacement`. + function replace(string memory subject, string memory search, string memory replacement) + internal + pure + returns (string memory result) + { + /// @solidity memory-safe-assembly + assembly { + let subjectLength := mload(subject) + let searchLength := mload(search) + let replacementLength := mload(replacement) + + subject := add(subject, 0x20) + search := add(search, 0x20) + replacement := add(replacement, 0x20) + result := add(mload(0x40), 0x20) + + let subjectEnd := add(subject, subjectLength) + if iszero(gt(searchLength, subjectLength)) { + let subjectSearchEnd := add(sub(subjectEnd, searchLength), 1) + let h := 0 + if iszero(lt(searchLength, 0x20)) { h := keccak256(search, searchLength) } + let m := shl(3, sub(0x20, and(searchLength, 0x1f))) + let s := mload(search) + for {} 1 {} { + let t := mload(subject) + // Whether the first `searchLength % 32` bytes of + // `subject` and `search` matches. + if iszero(shr(m, xor(t, s))) { + if h { + if iszero(eq(keccak256(subject, searchLength), h)) { + mstore(result, t) + result := add(result, 1) + subject := add(subject, 1) + if iszero(lt(subject, subjectSearchEnd)) { break } + continue + } + } + // Copy the `replacement` one word at a time. + for { let o := 0 } 1 {} { + mstore(add(result, o), mload(add(replacement, o))) + o := add(o, 0x20) + if iszero(lt(o, replacementLength)) { break } + } + result := add(result, replacementLength) + subject := add(subject, searchLength) + if searchLength { + if iszero(lt(subject, subjectSearchEnd)) { break } + continue + } + } + mstore(result, t) + result := add(result, 1) + subject := add(subject, 1) + if iszero(lt(subject, subjectSearchEnd)) { break } + } + } + + let resultRemainder := result + result := add(mload(0x40), 0x20) + let k := add(sub(resultRemainder, result), sub(subjectEnd, subject)) + // Copy the rest of the string one word at a time. + for {} lt(subject, subjectEnd) {} { + mstore(resultRemainder, mload(subject)) + resultRemainder := add(resultRemainder, 0x20) + subject := add(subject, 0x20) + } + result := sub(result, 0x20) + let last := add(add(result, 0x20), k) // Zeroize the slot after the string. + mstore(last, 0) + mstore(0x40, add(last, 0x20)) // Allocate the memory. + mstore(result, k) // Store the length. + } + } + + /// @dev Returns the byte index of the first location of `search` in `subject`, + /// searching from left to right, starting from `from`. + /// Returns `NOT_FOUND` (i.e. `type(uint256).max`) if the `search` is not found. + function indexOf(string memory subject, string memory search, uint256 from) + internal + pure + returns (uint256 result) + { + /// @solidity memory-safe-assembly + assembly { + for { let subjectLength := mload(subject) } 1 {} { + if iszero(mload(search)) { + if iszero(gt(from, subjectLength)) { + result := from + break + } + result := subjectLength + break + } + let searchLength := mload(search) + let subjectStart := add(subject, 0x20) + + result := not(0) // Initialize to `NOT_FOUND`. + + subject := add(subjectStart, from) + let end := add(sub(add(subjectStart, subjectLength), searchLength), 1) + + let m := shl(3, sub(0x20, and(searchLength, 0x1f))) + let s := mload(add(search, 0x20)) + + if iszero(and(lt(subject, end), lt(from, subjectLength))) { break } + + if iszero(lt(searchLength, 0x20)) { + for { let h := keccak256(add(search, 0x20), searchLength) } 1 {} { + if iszero(shr(m, xor(mload(subject), s))) { + if eq(keccak256(subject, searchLength), h) { + result := sub(subject, subjectStart) + break + } + } + subject := add(subject, 1) + if iszero(lt(subject, end)) { break } + } + break + } + for {} 1 {} { + if iszero(shr(m, xor(mload(subject), s))) { + result := sub(subject, subjectStart) + break + } + subject := add(subject, 1) + if iszero(lt(subject, end)) { break } + } + break + } + } + } + + /// @dev Returns the byte index of the first location of `search` in `subject`, + /// searching from left to right. + /// Returns `NOT_FOUND` (i.e. `type(uint256).max`) if the `search` is not found. + function indexOf(string memory subject, string memory search) + internal + pure + returns (uint256 result) + { + result = indexOf(subject, search, 0); + } + + /// @dev Returns the byte index of the first location of `search` in `subject`, + /// searching from right to left, starting from `from`. + /// Returns `NOT_FOUND` (i.e. `type(uint256).max`) if the `search` is not found. + function lastIndexOf(string memory subject, string memory search, uint256 from) + internal + pure + returns (uint256 result) + { + /// @solidity memory-safe-assembly + assembly { + for {} 1 {} { + result := not(0) // Initialize to `NOT_FOUND`. + let searchLength := mload(search) + if gt(searchLength, mload(subject)) { break } + let w := result + + let fromMax := sub(mload(subject), searchLength) + if iszero(gt(fromMax, from)) { from := fromMax } + + let end := add(add(subject, 0x20), w) + subject := add(add(subject, 0x20), from) + if iszero(gt(subject, end)) { break } + // As this function is not too often used, + // we shall simply use keccak256 for smaller bytecode size. + for { let h := keccak256(add(search, 0x20), searchLength) } 1 {} { + if eq(keccak256(subject, searchLength), h) { + result := sub(subject, add(end, 1)) + break + } + subject := add(subject, w) // `sub(subject, 1)`. + if iszero(gt(subject, end)) { break } + } + break + } + } + } + + /// @dev Returns the byte index of the first location of `search` in `subject`, + /// searching from right to left. + /// Returns `NOT_FOUND` (i.e. `type(uint256).max`) if the `search` is not found. + function lastIndexOf(string memory subject, string memory search) + internal + pure + returns (uint256 result) + { + result = lastIndexOf(subject, search, uint256(int256(-1))); + } + + /// @dev Returns true if `search` is found in `subject`, false otherwise. + function contains(string memory subject, string memory search) internal pure returns (bool) { + return indexOf(subject, search) != NOT_FOUND; + } + + /// @dev Returns whether `subject` starts with `search`. + function startsWith(string memory subject, string memory search) + internal + pure + returns (bool result) + { + /// @solidity memory-safe-assembly + assembly { + let searchLength := mload(search) + // Just using keccak256 directly is actually cheaper. + // forgefmt: disable-next-item + result := and( + iszero(gt(searchLength, mload(subject))), + eq( + keccak256(add(subject, 0x20), searchLength), + keccak256(add(search, 0x20), searchLength) + ) + ) + } + } + + /// @dev Returns whether `subject` ends with `search`. + function endsWith(string memory subject, string memory search) + internal + pure + returns (bool result) + { + /// @solidity memory-safe-assembly + assembly { + let searchLength := mload(search) + let subjectLength := mload(subject) + // Whether `search` is not longer than `subject`. + let withinRange := iszero(gt(searchLength, subjectLength)) + // Just using keccak256 directly is actually cheaper. + // forgefmt: disable-next-item + result := and( + withinRange, + eq( + keccak256( + // `subject + 0x20 + max(subjectLength - searchLength, 0)`. + add(add(subject, 0x20), mul(withinRange, sub(subjectLength, searchLength))), + searchLength + ), + keccak256(add(search, 0x20), searchLength) + ) + ) + } + } + + /// @dev Returns `subject` repeated `times`. + function repeat(string memory subject, uint256 times) + internal + pure + returns (string memory result) + { + /// @solidity memory-safe-assembly + assembly { + let subjectLength := mload(subject) + if iszero(or(iszero(times), iszero(subjectLength))) { + subject := add(subject, 0x20) + result := mload(0x40) + let output := add(result, 0x20) + for {} 1 {} { + // Copy the `subject` one word at a time. + for { let o := 0 } 1 {} { + mstore(add(output, o), mload(add(subject, o))) + o := add(o, 0x20) + if iszero(lt(o, subjectLength)) { break } + } + output := add(output, subjectLength) + times := sub(times, 1) + if iszero(times) { break } + } + mstore(output, 0) // Zeroize the slot after the string. + let resultLength := sub(output, add(result, 0x20)) + mstore(result, resultLength) // Store the length. + // Allocate the memory. + mstore(0x40, add(result, add(resultLength, 0x20))) + } + } + } + + /// @dev Returns a copy of `subject` sliced from `start` to `end` (exclusive). + /// `start` and `end` are byte offsets. + function slice(string memory subject, uint256 start, uint256 end) + internal + pure + returns (string memory result) + { + /// @solidity memory-safe-assembly + assembly { + let subjectLength := mload(subject) + if iszero(gt(subjectLength, end)) { end := subjectLength } + if iszero(gt(subjectLength, start)) { start := subjectLength } + if lt(start, end) { + result := mload(0x40) + let resultLength := sub(end, start) + mstore(result, resultLength) + subject := add(subject, start) + let w := not(0x1f) + // Copy the `subject` one word at a time, backwards. + for { let o := and(add(resultLength, 0x1f), w) } 1 {} { + mstore(add(result, o), mload(add(subject, o))) + o := add(o, w) // `sub(o, 0x20)`. + if iszero(o) { break } + } + // Zeroize the slot after the string. + mstore(add(add(result, 0x20), resultLength), 0) + // Allocate memory for the length and the bytes, + // rounded up to a multiple of 32. + mstore(0x40, add(result, and(add(resultLength, 0x3f), w))) + } + } + } + + /// @dev Returns a copy of `subject` sliced from `start` to the end of the string. + /// `start` is a byte offset. + function slice(string memory subject, uint256 start) + internal + pure + returns (string memory result) + { + result = slice(subject, start, uint256(int256(-1))); + } + + /// @dev Returns all the indices of `search` in `subject`. + /// The indices are byte offsets. + function indicesOf(string memory subject, string memory search) + internal + pure + returns (uint256[] memory result) + { + /// @solidity memory-safe-assembly + assembly { + let subjectLength := mload(subject) + let searchLength := mload(search) + + if iszero(gt(searchLength, subjectLength)) { + subject := add(subject, 0x20) + search := add(search, 0x20) + result := add(mload(0x40), 0x20) + + let subjectStart := subject + let subjectSearchEnd := add(sub(add(subject, subjectLength), searchLength), 1) + let h := 0 + if iszero(lt(searchLength, 0x20)) { h := keccak256(search, searchLength) } + let m := shl(3, sub(0x20, and(searchLength, 0x1f))) + let s := mload(search) + for {} 1 {} { + let t := mload(subject) + // Whether the first `searchLength % 32` bytes of + // `subject` and `search` matches. + if iszero(shr(m, xor(t, s))) { + if h { + if iszero(eq(keccak256(subject, searchLength), h)) { + subject := add(subject, 1) + if iszero(lt(subject, subjectSearchEnd)) { break } + continue + } + } + // Append to `result`. + mstore(result, sub(subject, subjectStart)) + result := add(result, 0x20) + // Advance `subject` by `searchLength`. + subject := add(subject, searchLength) + if searchLength { + if iszero(lt(subject, subjectSearchEnd)) { break } + continue + } + } + subject := add(subject, 1) + if iszero(lt(subject, subjectSearchEnd)) { break } + } + let resultEnd := result + // Assign `result` to the free memory pointer. + result := mload(0x40) + // Store the length of `result`. + mstore(result, shr(5, sub(resultEnd, add(result, 0x20)))) + // Allocate memory for result. + // We allocate one more word, so this array can be recycled for {split}. + mstore(0x40, add(resultEnd, 0x20)) + } + } + } + + /// @dev Returns a arrays of strings based on the `delimiter` inside of the `subject` string. + function split(string memory subject, string memory delimiter) + internal + pure + returns (string[] memory result) + { + uint256[] memory indices = indicesOf(subject, delimiter); + /// @solidity memory-safe-assembly + assembly { + let w := not(0x1f) + let indexPtr := add(indices, 0x20) + let indicesEnd := add(indexPtr, shl(5, add(mload(indices), 1))) + mstore(add(indicesEnd, w), mload(subject)) + mstore(indices, add(mload(indices), 1)) + let prevIndex := 0 + for {} 1 {} { + let index := mload(indexPtr) + mstore(indexPtr, 0x60) + if iszero(eq(index, prevIndex)) { + let element := mload(0x40) + let elementLength := sub(index, prevIndex) + mstore(element, elementLength) + // Copy the `subject` one word at a time, backwards. + for { let o := and(add(elementLength, 0x1f), w) } 1 {} { + mstore(add(element, o), mload(add(add(subject, prevIndex), o))) + o := add(o, w) // `sub(o, 0x20)`. + if iszero(o) { break } + } + // Zeroize the slot after the string. + mstore(add(add(element, 0x20), elementLength), 0) + // Allocate memory for the length and the bytes, + // rounded up to a multiple of 32. + mstore(0x40, add(element, and(add(elementLength, 0x3f), w))) + // Store the `element` into the array. + mstore(indexPtr, element) + } + prevIndex := add(index, mload(delimiter)) + indexPtr := add(indexPtr, 0x20) + if iszero(lt(indexPtr, indicesEnd)) { break } + } + result := indices + if iszero(mload(delimiter)) { + result := add(indices, 0x20) + mstore(result, sub(mload(indices), 2)) + } + } + } + + /// @dev Returns a concatenated string of `a` and `b`. + /// Cheaper than `string.concat()` and does not de-align the free memory pointer. + function concat(string memory a, string memory b) + internal + pure + returns (string memory result) + { + /// @solidity memory-safe-assembly + assembly { + let w := not(0x1f) + result := mload(0x40) + let aLength := mload(a) + // Copy `a` one word at a time, backwards. + for { let o := and(add(aLength, 0x20), w) } 1 {} { + mstore(add(result, o), mload(add(a, o))) + o := add(o, w) // `sub(o, 0x20)`. + if iszero(o) { break } + } + let bLength := mload(b) + let output := add(result, aLength) + // Copy `b` one word at a time, backwards. + for { let o := and(add(bLength, 0x20), w) } 1 {} { + mstore(add(output, o), mload(add(b, o))) + o := add(o, w) // `sub(o, 0x20)`. + if iszero(o) { break } + } + let totalLength := add(aLength, bLength) + let last := add(add(result, 0x20), totalLength) + // Zeroize the slot after the string. + mstore(last, 0) + // Stores the length. + mstore(result, totalLength) + // Allocate memory for the length and the bytes, + // rounded up to a multiple of 32. + mstore(0x40, and(add(last, 0x1f), w)) + } + } + + /// @dev Returns a copy of the string in either lowercase or UPPERCASE. + /// WARNING! This function is only compatible with 7-bit ASCII strings. + function toCase(string memory subject, bool toUpper) + internal + pure + returns (string memory result) + { + /// @solidity memory-safe-assembly + assembly { + let length := mload(subject) + if length { + result := add(mload(0x40), 0x20) + subject := add(subject, 1) + let flags := shl(add(70, shl(5, toUpper)), 0x3ffffff) + let w := not(0) + for { let o := length } 1 {} { + o := add(o, w) + let b := and(0xff, mload(add(subject, o))) + mstore8(add(result, o), xor(b, and(shr(b, flags), 0x20))) + if iszero(o) { break } + } + result := mload(0x40) + mstore(result, length) // Store the length. + let last := add(add(result, 0x20), length) + mstore(last, 0) // Zeroize the slot after the string. + mstore(0x40, add(last, 0x20)) // Allocate the memory. + } + } + } + + /// @dev Returns a string from a small bytes32 string. + /// `s` must be null-terminated, or behavior will be undefined. + function fromSmallString(bytes32 s) internal pure returns (string memory result) { + /// @solidity memory-safe-assembly + assembly { + result := mload(0x40) + let n := 0 + for {} byte(n, s) { n := add(n, 1) } {} // Scan for '\0'. + mstore(result, n) + let o := add(result, 0x20) + mstore(o, s) + mstore(add(o, n), 0) + mstore(0x40, add(result, 0x40)) + } + } + + /// @dev Returns the small string, with all bytes after the first null byte zeroized. + function normalizeSmallString(bytes32 s) internal pure returns (bytes32 result) { + /// @solidity memory-safe-assembly + assembly { + for {} byte(result, s) { result := add(result, 1) } {} // Scan for '\0'. + mstore(0x00, s) + mstore(result, 0x00) + result := mload(0x00) + } + } + + /// @dev Returns the string as a normalized null-terminated small string. + function toSmallString(string memory s) internal pure returns (bytes32 result) { + /// @solidity memory-safe-assembly + assembly { + result := mload(s) + if iszero(lt(result, 33)) { + mstore(0x00, 0xec92f9a3) // `TooBigForSmallString()`. + revert(0x1c, 0x04) + } + result := shl(shl(3, sub(32, result)), mload(add(s, result))) + } + } + + /// @dev Returns a lowercased copy of the string. + /// WARNING! This function is only compatible with 7-bit ASCII strings. + function lower(string memory subject) internal pure returns (string memory result) { + result = toCase(subject, false); + } + + /// @dev Returns an UPPERCASED copy of the string. + /// WARNING! This function is only compatible with 7-bit ASCII strings. + function upper(string memory subject) internal pure returns (string memory result) { + result = toCase(subject, true); + } + + /// @dev Escapes the string to be used within HTML tags. + function escapeHTML(string memory s) internal pure returns (string memory result) { + /// @solidity memory-safe-assembly + assembly { + let end := add(s, mload(s)) + result := add(mload(0x40), 0x20) + // Store the bytes of the packed offsets and strides into the scratch space. + // `packed = (stride << 5) | offset`. Max offset is 20. Max stride is 6. + mstore(0x1f, 0x900094) + mstore(0x08, 0xc0000000a6ab) + // Store ""&'<>" into the scratch space. + mstore(0x00, shl(64, 0x2671756f743b26616d703b262333393b266c743b2667743b)) + for {} iszero(eq(s, end)) {} { + s := add(s, 1) + let c := and(mload(s), 0xff) + // Not in `["\"","'","&","<",">"]`. + if iszero(and(shl(c, 1), 0x500000c400000000)) { + mstore8(result, c) + result := add(result, 1) + continue + } + let t := shr(248, mload(c)) + mstore(result, mload(and(t, 0x1f))) + result := add(result, shr(5, t)) + } + let last := result + mstore(last, 0) // Zeroize the slot after the string. + result := mload(0x40) + mstore(result, sub(last, add(result, 0x20))) // Store the length. + mstore(0x40, add(last, 0x20)) // Allocate the memory. + } + } + + /// @dev Escapes the string to be used within double-quotes in a JSON. + /// If `addDoubleQuotes` is true, the result will be enclosed in double-quotes. + function escapeJSON(string memory s, bool addDoubleQuotes) + internal + pure + returns (string memory result) + { + /// @solidity memory-safe-assembly + assembly { + let end := add(s, mload(s)) + result := add(mload(0x40), 0x20) + if addDoubleQuotes { + mstore8(result, 34) + result := add(1, result) + } + // Store "\\u0000" in scratch space. + // Store "0123456789abcdef" in scratch space. + // Also, store `{0x08:"b", 0x09:"t", 0x0a:"n", 0x0c:"f", 0x0d:"r"}`. + // into the scratch space. + mstore(0x15, 0x5c75303030303031323334353637383961626364656662746e006672) + // Bitmask for detecting `["\"","\\"]`. + let e := or(shl(0x22, 1), shl(0x5c, 1)) + for {} iszero(eq(s, end)) {} { + s := add(s, 1) + let c := and(mload(s), 0xff) + if iszero(lt(c, 0x20)) { + if iszero(and(shl(c, 1), e)) { + // Not in `["\"","\\"]`. + mstore8(result, c) + result := add(result, 1) + continue + } + mstore8(result, 0x5c) // "\\". + mstore8(add(result, 1), c) + result := add(result, 2) + continue + } + if iszero(and(shl(c, 1), 0x3700)) { + // Not in `["\b","\t","\n","\f","\d"]`. + mstore8(0x1d, mload(shr(4, c))) // Hex value. + mstore8(0x1e, mload(and(c, 15))) // Hex value. + mstore(result, mload(0x19)) // "\\u00XX". + result := add(result, 6) + continue + } + mstore8(result, 0x5c) // "\\". + mstore8(add(result, 1), mload(add(c, 8))) + result := add(result, 2) + } + if addDoubleQuotes { + mstore8(result, 34) + result := add(1, result) + } + let last := result + mstore(last, 0) // Zeroize the slot after the string. + result := mload(0x40) + mstore(result, sub(last, add(result, 0x20))) // Store the length. + mstore(0x40, add(last, 0x20)) // Allocate the memory. + } + } + + /// @dev Escapes the string to be used within double-quotes in a JSON. + function escapeJSON(string memory s) internal pure returns (string memory result) { + result = escapeJSON(s, false); + } + + /// @dev Returns whether `a` equals `b`. + function eq(string memory a, string memory b) internal pure returns (bool result) { + /// @solidity memory-safe-assembly + assembly { + result := eq(keccak256(add(a, 0x20), mload(a)), keccak256(add(b, 0x20), mload(b))) + } + } + + /// @dev Returns whether `a` equals `b`, where `b` is a null-terminated small string. + function eqs(string memory a, bytes32 b) internal pure returns (bool result) { + /// @solidity memory-safe-assembly + assembly { + // These should be evaluated on compile time, as far as possible. + let m := not(shl(7, div(not(iszero(b)), 255))) // `0x7f7f ...`. + let x := not(or(m, or(b, add(m, and(b, m))))) + let r := shl(7, iszero(iszero(shr(128, x)))) + r := or(r, shl(6, iszero(iszero(shr(64, shr(r, x)))))) + r := or(r, shl(5, lt(0xffffffff, shr(r, x)))) + r := or(r, shl(4, lt(0xffff, shr(r, x)))) + r := or(r, shl(3, lt(0xff, shr(r, x)))) + // forgefmt: disable-next-item + result := gt(eq(mload(a), add(iszero(x), xor(31, shr(3, r)))), + xor(shr(add(8, r), b), shr(add(8, r), mload(add(a, 0x20))))) + } + } + + /// @dev Packs a single string with its length into a single word. + /// Returns `bytes32(0)` if the length is zero or greater than 31. + function packOne(string memory a) internal pure returns (bytes32 result) { + /// @solidity memory-safe-assembly + assembly { + // We don't need to zero right pad the string, + // since this is our own custom non-standard packing scheme. + result := + mul( + // Load the length and the bytes. + mload(add(a, 0x1f)), + // `length != 0 && length < 32`. Abuses underflow. + // Assumes that the length is valid and within the block gas limit. + lt(sub(mload(a), 1), 0x1f) + ) + } + } + + /// @dev Unpacks a string packed using {packOne}. + /// Returns the empty string if `packed` is `bytes32(0)`. + /// If `packed` is not an output of {packOne}, the output behavior is undefined. + function unpackOne(bytes32 packed) internal pure returns (string memory result) { + /// @solidity memory-safe-assembly + assembly { + // Grab the free memory pointer. + result := mload(0x40) + // Allocate 2 words (1 for the length, 1 for the bytes). + mstore(0x40, add(result, 0x40)) + // Zeroize the length slot. + mstore(result, 0) + // Store the length and bytes. + mstore(add(result, 0x1f), packed) + // Right pad with zeroes. + mstore(add(add(result, 0x20), mload(result)), 0) + } + } + + /// @dev Packs two strings with their lengths into a single word. + /// Returns `bytes32(0)` if combined length is zero or greater than 30. + function packTwo(string memory a, string memory b) internal pure returns (bytes32 result) { + /// @solidity memory-safe-assembly + assembly { + let aLength := mload(a) + // We don't need to zero right pad the strings, + // since this is our own custom non-standard packing scheme. + result := + mul( + // Load the length and the bytes of `a` and `b`. + or( + shl(shl(3, sub(0x1f, aLength)), mload(add(a, aLength))), + mload(sub(add(b, 0x1e), aLength)) + ), + // `totalLength != 0 && totalLength < 31`. Abuses underflow. + // Assumes that the lengths are valid and within the block gas limit. + lt(sub(add(aLength, mload(b)), 1), 0x1e) + ) + } + } + + /// @dev Unpacks strings packed using {packTwo}. + /// Returns the empty strings if `packed` is `bytes32(0)`. + /// If `packed` is not an output of {packTwo}, the output behavior is undefined. + function unpackTwo(bytes32 packed) + internal + pure + returns (string memory resultA, string memory resultB) + { + /// @solidity memory-safe-assembly + assembly { + // Grab the free memory pointer. + resultA := mload(0x40) + resultB := add(resultA, 0x40) + // Allocate 2 words for each string (1 for the length, 1 for the byte). Total 4 words. + mstore(0x40, add(resultB, 0x40)) + // Zeroize the length slots. + mstore(resultA, 0) + mstore(resultB, 0) + // Store the lengths and bytes. + mstore(add(resultA, 0x1f), packed) + mstore(add(resultB, 0x1f), mload(add(add(resultA, 0x20), mload(resultA)))) + // Right pad with zeroes. + mstore(add(add(resultA, 0x20), mload(resultA)), 0) + mstore(add(add(resultB, 0x20), mload(resultB)), 0) + } + } + + /// @dev Directly returns `a` without copying. + function directReturn(string memory a) internal pure { + assembly { + // Assumes that the string does not start from the scratch space. + let retStart := sub(a, 0x20) + let retSize := add(mload(a), 0x40) + // Right pad with zeroes. Just in case the string is produced + // by a method that doesn't zero right pad. + mstore(add(retStart, retSize), 0) + // Store the return offset. + mstore(retStart, 0x20) + // End the transaction, returning the string. + return(retStart, retSize) + } + } +} + +library SafeTransferLib { + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* CUSTOM ERRORS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev The ETH transfer has failed. + error ETHTransferFailed(); + + /// @dev The ERC20 `transferFrom` has failed. + error TransferFromFailed(); + + /// @dev The ERC20 `transfer` has failed. + error TransferFailed(); + + /// @dev The ERC20 `approve` has failed. + error ApproveFailed(); + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* CONSTANTS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Suggested gas stipend for contract receiving ETH that disallows any storage writes. + uint256 internal constant GAS_STIPEND_NO_STORAGE_WRITES = 2300; + + /// @dev Suggested gas stipend for contract receiving ETH to perform a few + /// storage reads and writes, but low enough to prevent griefing. + uint256 internal constant GAS_STIPEND_NO_GRIEF = 100000; + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* ETH OPERATIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + // If the ETH transfer MUST succeed with a reasonable gas budget, use the force variants. + // + // The regular variants: + // - Forwards all remaining gas to the target. + // - Reverts if the target reverts. + // - Reverts if the current contract has insufficient balance. + // + // The force variants: + // - Forwards with an optional gas stipend + // (defaults to `GAS_STIPEND_NO_GRIEF`, which is sufficient for most cases). + // - If the target reverts, or if the gas stipend is exhausted, + // creates a temporary contract to force send the ETH via `SELFDESTRUCT`. + // Future compatible with `SENDALL`: https://eips.ethereum.org/EIPS/eip-4758. + // - Reverts if the current contract has insufficient balance. + // + // The try variants: + // - Forwards with a mandatory gas stipend. + // - Instead of reverting, returns whether the transfer succeeded. + + /// @dev Sends `amount` (in wei) ETH to `to`. + function safeTransferETH(address to, uint256 amount) internal { + /// @solidity memory-safe-assembly + assembly { + if iszero(call(gas(), to, amount, codesize(), 0x00, codesize(), 0x00)) { + mstore(0x00, 0xb12d13eb) // `ETHTransferFailed()`. + revert(0x1c, 0x04) + } + } + } + + /// @dev Sends all the ETH in the current contract to `to`. + function safeTransferAllETH(address to) internal { + /// @solidity memory-safe-assembly + assembly { + // Transfer all the ETH and check if it succeeded or not. + if iszero(call(gas(), to, selfbalance(), codesize(), 0x00, codesize(), 0x00)) { + mstore(0x00, 0xb12d13eb) // `ETHTransferFailed()`. + revert(0x1c, 0x04) + } + } + } + + /// @dev Force sends `amount` (in wei) ETH to `to`, with a `gasStipend`. + function forceSafeTransferETH(address to, uint256 amount, uint256 gasStipend) internal { + /// @solidity memory-safe-assembly + assembly { + if lt(selfbalance(), amount) { + mstore(0x00, 0xb12d13eb) // `ETHTransferFailed()`. + revert(0x1c, 0x04) + } + if iszero(call(gasStipend, to, amount, codesize(), 0x00, codesize(), 0x00)) { + mstore(0x00, to) // Store the address in scratch space. + mstore8(0x0b, 0x73) // Opcode `PUSH20`. + mstore8(0x20, 0xff) // Opcode `SELFDESTRUCT`. + if iszero(create(amount, 0x0b, 0x16)) { revert(codesize(), codesize()) } // For gas estimation. + } + } + } + + /// @dev Force sends all the ETH in the current contract to `to`, with a `gasStipend`. + function forceSafeTransferAllETH(address to, uint256 gasStipend) internal { + /// @solidity memory-safe-assembly + assembly { + if iszero(call(gasStipend, to, selfbalance(), codesize(), 0x00, codesize(), 0x00)) { + mstore(0x00, to) // Store the address in scratch space. + mstore8(0x0b, 0x73) // Opcode `PUSH20`. + mstore8(0x20, 0xff) // Opcode `SELFDESTRUCT`. + if iszero(create(selfbalance(), 0x0b, 0x16)) { revert(codesize(), codesize()) } // For gas estimation. + } + } + } + + /// @dev Force sends `amount` (in wei) ETH to `to`, with `GAS_STIPEND_NO_GRIEF`. + function forceSafeTransferETH(address to, uint256 amount) internal { + /// @solidity memory-safe-assembly + assembly { + if lt(selfbalance(), amount) { + mstore(0x00, 0xb12d13eb) // `ETHTransferFailed()`. + revert(0x1c, 0x04) + } + if iszero(call(GAS_STIPEND_NO_GRIEF, to, amount, codesize(), 0x00, codesize(), 0x00)) { + mstore(0x00, to) // Store the address in scratch space. + mstore8(0x0b, 0x73) // Opcode `PUSH20`. + mstore8(0x20, 0xff) // Opcode `SELFDESTRUCT`. + if iszero(create(amount, 0x0b, 0x16)) { revert(codesize(), codesize()) } // For gas estimation. + } + } + } + + /// @dev Force sends all the ETH in the current contract to `to`, with `GAS_STIPEND_NO_GRIEF`. + function forceSafeTransferAllETH(address to) internal { + /// @solidity memory-safe-assembly + assembly { + // forgefmt: disable-next-item + if iszero(call(GAS_STIPEND_NO_GRIEF, to, selfbalance(), codesize(), 0x00, codesize(), 0x00)) { + mstore(0x00, to) // Store the address in scratch space. + mstore8(0x0b, 0x73) // Opcode `PUSH20`. + mstore8(0x20, 0xff) // Opcode `SELFDESTRUCT`. + if iszero(create(selfbalance(), 0x0b, 0x16)) { revert(codesize(), codesize()) } // For gas estimation. + } + } + } + + /// @dev Sends `amount` (in wei) ETH to `to`, with a `gasStipend`. + function trySafeTransferETH(address to, uint256 amount, uint256 gasStipend) + internal + returns (bool success) + { + /// @solidity memory-safe-assembly + assembly { + success := call(gasStipend, to, amount, codesize(), 0x00, codesize(), 0x00) + } + } + + /// @dev Sends all the ETH in the current contract to `to`, with a `gasStipend`. + function trySafeTransferAllETH(address to, uint256 gasStipend) + internal + returns (bool success) + { + /// @solidity memory-safe-assembly + assembly { + success := call(gasStipend, to, selfbalance(), codesize(), 0x00, codesize(), 0x00) + } + } + + /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/ + /* ERC20 OPERATIONS */ + /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/ + + /// @dev Sends `amount` of ERC20 `token` from `from` to `to`. + /// Reverts upon failure. + /// + /// The `from` account must have at least `amount` approved for + /// the current contract to manage. + function safeTransferFrom(address token, address from, address to, uint256 amount) internal { + /// @solidity memory-safe-assembly + assembly { + let m := mload(0x40) // Cache the free memory pointer. + mstore(0x60, amount) // Store the `amount` argument. + mstore(0x40, to) // Store the `to` argument. + mstore(0x2c, shl(96, from)) // Store the `from` argument. + mstore(0x0c, 0x23b872dd000000000000000000000000) // `transferFrom(address,address,uint256)`. + // Perform the transfer, reverting upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + or(eq(mload(0x00), 1), iszero(returndatasize())), // Returned 1 or nothing. + call(gas(), token, 0, 0x1c, 0x64, 0x00, 0x20) + ) + ) { + mstore(0x00, 0x7939f424) // `TransferFromFailed()`. + revert(0x1c, 0x04) + } + mstore(0x60, 0) // Restore the zero slot to zero. + mstore(0x40, m) // Restore the free memory pointer. + } + } + + /// @dev Sends all of ERC20 `token` from `from` to `to`. + /// Reverts upon failure. + /// + /// The `from` account must have their entire balance approved for + /// the current contract to manage. + function safeTransferAllFrom(address token, address from, address to) + internal + returns (uint256 amount) + { + /// @solidity memory-safe-assembly + assembly { + let m := mload(0x40) // Cache the free memory pointer. + mstore(0x40, to) // Store the `to` argument. + mstore(0x2c, shl(96, from)) // Store the `from` argument. + mstore(0x0c, 0x70a08231000000000000000000000000) // `balanceOf(address)`. + // Read the balance, reverting upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + gt(returndatasize(), 0x1f), // At least 32 bytes returned. + staticcall(gas(), token, 0x1c, 0x24, 0x60, 0x20) + ) + ) { + mstore(0x00, 0x7939f424) // `TransferFromFailed()`. + revert(0x1c, 0x04) + } + mstore(0x00, 0x23b872dd) // `transferFrom(address,address,uint256)`. + amount := mload(0x60) // The `amount` is already at 0x60. We'll need to return it. + // Perform the transfer, reverting upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + or(eq(mload(0x00), 1), iszero(returndatasize())), // Returned 1 or nothing. + call(gas(), token, 0, 0x1c, 0x64, 0x00, 0x20) + ) + ) { + mstore(0x00, 0x7939f424) // `TransferFromFailed()`. + revert(0x1c, 0x04) + } + mstore(0x60, 0) // Restore the zero slot to zero. + mstore(0x40, m) // Restore the free memory pointer. + } + } + + /// @dev Sends `amount` of ERC20 `token` from the current contract to `to`. + /// Reverts upon failure. + function safeTransfer(address token, address to, uint256 amount) internal { + /// @solidity memory-safe-assembly + assembly { + mstore(0x14, to) // Store the `to` argument. + mstore(0x34, amount) // Store the `amount` argument. + mstore(0x00, 0xa9059cbb000000000000000000000000) // `transfer(address,uint256)`. + // Perform the transfer, reverting upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + or(eq(mload(0x00), 1), iszero(returndatasize())), // Returned 1 or nothing. + call(gas(), token, 0, 0x10, 0x44, 0x00, 0x20) + ) + ) { + mstore(0x00, 0x90b8ec18) // `TransferFailed()`. + revert(0x1c, 0x04) + } + mstore(0x34, 0) // Restore the part of the free memory pointer that was overwritten. + } + } + + /// @dev Sends all of ERC20 `token` from the current contract to `to`. + /// Reverts upon failure. + function safeTransferAll(address token, address to) internal returns (uint256 amount) { + /// @solidity memory-safe-assembly + assembly { + mstore(0x00, 0x70a08231) // Store the function selector of `balanceOf(address)`. + mstore(0x20, address()) // Store the address of the current contract. + // Read the balance, reverting upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + gt(returndatasize(), 0x1f), // At least 32 bytes returned. + staticcall(gas(), token, 0x1c, 0x24, 0x34, 0x20) + ) + ) { + mstore(0x00, 0x90b8ec18) // `TransferFailed()`. + revert(0x1c, 0x04) + } + mstore(0x14, to) // Store the `to` argument. + amount := mload(0x34) // The `amount` is already at 0x34. We'll need to return it. + mstore(0x00, 0xa9059cbb000000000000000000000000) // `transfer(address,uint256)`. + // Perform the transfer, reverting upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + or(eq(mload(0x00), 1), iszero(returndatasize())), // Returned 1 or nothing. + call(gas(), token, 0, 0x10, 0x44, 0x00, 0x20) + ) + ) { + mstore(0x00, 0x90b8ec18) // `TransferFailed()`. + revert(0x1c, 0x04) + } + mstore(0x34, 0) // Restore the part of the free memory pointer that was overwritten. + } + } + + /// @dev Sets `amount` of ERC20 `token` for `to` to manage on behalf of the current contract. + /// Reverts upon failure. + function safeApprove(address token, address to, uint256 amount) internal { + /// @solidity memory-safe-assembly + assembly { + mstore(0x14, to) // Store the `to` argument. + mstore(0x34, amount) // Store the `amount` argument. + mstore(0x00, 0x095ea7b3000000000000000000000000) // `approve(address,uint256)`. + // Perform the approval, reverting upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + or(eq(mload(0x00), 1), iszero(returndatasize())), // Returned 1 or nothing. + call(gas(), token, 0, 0x10, 0x44, 0x00, 0x20) + ) + ) { + mstore(0x00, 0x3e3f8f73) // `ApproveFailed()`. + revert(0x1c, 0x04) + } + mstore(0x34, 0) // Restore the part of the free memory pointer that was overwritten. + } + } + + /// @dev Sets `amount` of ERC20 `token` for `to` to manage on behalf of the current contract. + /// If the initial attempt to approve fails, attempts to reset the approved amount to zero, + /// then retries the approval again (some tokens, e.g. USDT, requires this). + /// Reverts upon failure. + function safeApproveWithRetry(address token, address to, uint256 amount) internal { + /// @solidity memory-safe-assembly + assembly { + mstore(0x14, to) // Store the `to` argument. + mstore(0x34, amount) // Store the `amount` argument. + mstore(0x00, 0x095ea7b3000000000000000000000000) // `approve(address,uint256)`. + // Perform the approval, retrying upon failure. + if iszero( + and( // The arguments of `and` are evaluated from right to left. + or(eq(mload(0x00), 1), iszero(returndatasize())), // Returned 1 or nothing. + call(gas(), token, 0, 0x10, 0x44, 0x00, 0x20) + ) + ) { + mstore(0x34, 0) // Store 0 for the `amount`. + mstore(0x00, 0x095ea7b3000000000000000000000000) // `approve(address,uint256)`. + pop(call(gas(), token, 0, 0x10, 0x44, codesize(), 0x00)) // Reset the approval. + mstore(0x34, amount) // Store back the original `amount`. + // Retry the approval, reverting upon failure. + if iszero( + and( + or(eq(mload(0x00), 1), iszero(returndatasize())), // Returned 1 or nothing. + call(gas(), token, 0, 0x10, 0x44, 0x00, 0x20) + ) + ) { + mstore(0x00, 0x3e3f8f73) // `ApproveFailed()`. + revert(0x1c, 0x04) + } + } + mstore(0x34, 0) // Restore the part of the free memory pointer that was overwritten. + } + } + + /// @dev Returns the amount of ERC20 `token` owned by `account`. + /// Returns zero if the `token` does not exist. + function balanceOf(address token, address account) internal view returns (uint256 amount) { + /// @solidity memory-safe-assembly + assembly { + mstore(0x14, account) // Store the `account` argument. + mstore(0x00, 0x70a08231000000000000000000000000) // `balanceOf(address)`. + amount := + mul( + mload(0x20), + and( // The arguments of `and` are evaluated from right to left. + gt(returndatasize(), 0x1f), // At least 32 bytes returned. + staticcall(gas(), token, 0x10, 0x24, 0x20, 0x20) + ) + ) + } + } +} + +// SPDX-License-Identifier: MIT +/** + * @title SimpleDN404 + * @notice Sample DN404 contract that demonstrates the owner selling fungible tokens. + * When a user has at least one base unit (10^18) amount of tokens, they will automatically receive an NFT. + * NFTs are minted as an address accumulates each base unit amount of tokens. + */ +contract SimpleDN404 is DN404, Ownable { + string private _name; + string private _symbol; + string private _baseURI; + + constructor( + string memory name_, + string memory symbol_, + uint96 initialTokenSupply, + address initialSupplyOwner + ) { + _initializeOwner(msg.sender); + + _name = name_; + _symbol = symbol_; + + address mirror = address(new DN404Mirror(msg.sender)); + _initializeDN404(initialTokenSupply, initialSupplyOwner, mirror); + } + + function name() public view override returns (string memory) { + return _name; + } + + function symbol() public view override returns (string memory) { + return _symbol; + } + + function tokenURI(uint256 tokenId) public view override returns (string memory result) { + if (bytes(_baseURI).length != 0) { + result = string(abi.encodePacked(_baseURI, LibString.toString(tokenId))); + } + } + + // This allows the owner of the contract to mint more tokens. + function mint(address to, uint256 amount) public onlyOwner { + _mint(to, amount); + } + + function setBaseURI(string calldata baseURI_) public onlyOwner { + _baseURI = baseURI_; + } + + function withdraw() public onlyOwner { + SafeTransferLib.safeTransferAllETH(msg.sender); + } +} \ No newline at end of file diff --git a/packages/hardhat/hardhat.config.ts b/packages/hardhat/hardhat.config.ts index a34332c..045785e 100644 --- a/packages/hardhat/hardhat.config.ts +++ b/packages/hardhat/hardhat.config.ts @@ -126,10 +126,28 @@ const config: HardhatUserConfig = { url: "https://sepolia.publicgoods.network", accounts: [deployerPrivateKey], }, + blast_sepolia: { + url: 'https://sepolia.blast.io', + accounts: [process.env.PRIVATE_KEY] + }, }, // configuration for harhdat-verify plugin etherscan: { - apiKey: `${etherscanApiKey}`, + apiKey: { + mainnet: `${etherscanApiKey}`, + sepolia: `${etherscanApiKey}`, + blast_sepolia: "blast_sepolia", // apiKey is not required, just set a placeholder + }, + customChains: [ + { + network: "blast_sepolia", + chainId: 168587773, + urls: { + apiURL: "https://api.routescan.io/v2/network/testnet/evm/168587773/etherscan", + browserURL: "https://testnet.blastscan.io" + } + } + ] }, // configuration for etherscan-verify from hardhat-deploy plugin verify: {