@etherisc/gif-next 0.0.2-ce2fc91-485 → 0.0.2-ce8407f-016
Sign up to get free protection for your applications and to get access to all the features.
- package/README.md +71 -25
- package/artifacts/contracts/components/IBaseComponent.sol/IBaseComponent.dbg.json +1 -1
- package/artifacts/contracts/components/IBaseComponent.sol/IBaseComponent.json +115 -48
- package/artifacts/contracts/experiment/errors/Require.sol/Require.dbg.json +1 -1
- package/artifacts/contracts/experiment/errors/Revert.sol/Revert.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/A.sol/A.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/A.sol/AShared.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/B.sol/B.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/C.sol/C.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/IA.sol/IA.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/IA.sol/ISharedA.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/IB.sol/IB.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/IC.sol/IC.dbg.json +1 -1
- package/artifacts/contracts/experiment/statemachine/Dummy.sol/LifeCycleModule.dbg.json +1 -1
- package/artifacts/contracts/experiment/statemachine/Dummy.sol/LifeCycleModule.json +2 -2
- package/artifacts/contracts/experiment/statemachine/ISM.sol/ISM.dbg.json +1 -1
- package/artifacts/contracts/experiment/statemachine/ISM.sol/ISMEE.dbg.json +1 -1
- package/artifacts/contracts/experiment/statemachine/SM.sol/SM.dbg.json +1 -1
- package/artifacts/contracts/experiment/statemachine/SM.sol/SM.json +2 -2
- package/artifacts/contracts/experiment/statemachine/SimpleStateMachine.sol/SimpleStateMachine.dbg.json +1 -1
- package/artifacts/contracts/experiment/statemachine/SimpleStateMachine.sol/SimpleStateMachine.json +2 -2
- package/artifacts/contracts/experiment/types/TypeA.sol/TypeALib.dbg.json +1 -1
- package/artifacts/contracts/experiment/types/TypeB.sol/TypeBLib.dbg.json +1 -1
- package/artifacts/contracts/instance/AccessManagedSimple.sol/AccessManagedSimple.dbg.json +4 -0
- package/artifacts/contracts/instance/AccessManagedSimple.sol/AccessManagedSimple.json +101 -0
- package/artifacts/contracts/instance/AccessManagerSimple.sol/AccessManagerSimple.dbg.json +4 -0
- package/artifacts/contracts/instance/AccessManagerSimple.sol/AccessManagerSimple.json +1119 -0
- package/artifacts/contracts/instance/IAccessManagerSimple.sol/IAccessManagerSimple.dbg.json +4 -0
- package/artifacts/contracts/instance/IAccessManagerSimple.sol/IAccessManagerSimple.json +1082 -0
- package/artifacts/contracts/instance/IInstance.sol/IInstance.dbg.json +1 -1
- package/artifacts/contracts/instance/IInstance.sol/IInstance.json +1 -1907
- package/artifacts/contracts/instance/Instance.sol/Instance.dbg.json +1 -1
- package/artifacts/contracts/instance/Instance.sol/Instance.json +2428 -1138
- package/artifacts/contracts/instance/InstanceAccessManager.sol/InstanceAccessManager.dbg.json +4 -0
- package/artifacts/contracts/instance/InstanceAccessManager.sol/InstanceAccessManager.json +917 -0
- package/artifacts/contracts/instance/InstanceReader.sol/InstanceReader.dbg.json +4 -0
- package/artifacts/contracts/instance/InstanceReader.sol/InstanceReader.json +878 -0
- package/artifacts/contracts/instance/InstanceService.sol/InstanceService.dbg.json +4 -0
- package/artifacts/contracts/instance/InstanceService.sol/InstanceService.json +117 -0
- package/artifacts/contracts/instance/base/IKeyValueStore.sol/IKeyValueStore.dbg.json +1 -1
- package/artifacts/contracts/instance/base/IKeyValueStore.sol/IKeyValueStore.json +50 -55
- package/artifacts/contracts/instance/base/ILifecycle.sol/ILifecycle.dbg.json +1 -1
- package/artifacts/contracts/instance/base/IService.sol/IService.dbg.json +1 -1
- package/artifacts/contracts/instance/base/IService.sol/IService.json +174 -53
- package/artifacts/contracts/instance/base/KeyValueStore.sol/KeyValueStore.dbg.json +1 -1
- package/artifacts/contracts/instance/base/KeyValueStore.sol/KeyValueStore.json +156 -112
- package/artifacts/contracts/instance/base/Lifecycle.sol/Lifecycle.dbg.json +1 -1
- package/artifacts/contracts/instance/base/Lifecycle.sol/Lifecycle.json +4 -4
- package/artifacts/contracts/instance/base/ServiceBase.sol/ServiceBase.dbg.json +1 -1
- package/artifacts/contracts/instance/base/ServiceBase.sol/ServiceBase.json +220 -52
- package/artifacts/contracts/instance/module/IAccess.sol/IAccess.dbg.json +4 -0
- package/artifacts/contracts/instance/module/IAccess.sol/IAccess.json +211 -0
- package/artifacts/contracts/instance/module/IBundle.sol/IBundle.dbg.json +4 -0
- package/artifacts/contracts/instance/module/{bundle/IBundle.sol → IBundle.sol}/IBundle.json +1 -1
- package/artifacts/contracts/instance/module/IDistribution.sol/IDistribution.dbg.json +4 -0
- package/artifacts/contracts/instance/module/{access/IAccess.sol/IAccess.json → IDistribution.sol/IDistribution.json} +2 -2
- package/artifacts/contracts/instance/module/IPolicy.sol/IPolicy.dbg.json +4 -0
- package/artifacts/contracts/instance/module/{policy/IPolicy.sol → IPolicy.sol}/IPolicy.json +1 -1
- package/artifacts/contracts/instance/module/IRisk.sol/IRisk.dbg.json +4 -0
- package/artifacts/contracts/instance/module/{risk/IRisk.sol → IRisk.sol}/IRisk.json +1 -1
- package/artifacts/contracts/instance/module/ISetup.sol/ISetup.dbg.json +4 -0
- package/artifacts/contracts/instance/{base/ModuleBase.sol/ModuleBase.json → module/ISetup.sol/ISetup.json} +2 -2
- package/artifacts/contracts/instance/module/ITreasury.sol/ITreasury.dbg.json +4 -0
- package/artifacts/contracts/instance/module/{treasury/ITreasury.sol → ITreasury.sol}/ITreasury.json +1 -1
- package/artifacts/contracts/registry/ChainNft.sol/ChainNft.dbg.json +1 -1
- package/artifacts/contracts/registry/ChainNft.sol/ChainNft.json +141 -12
- package/artifacts/contracts/registry/IChainNft.sol/IChainNft.dbg.json +1 -1
- package/artifacts/contracts/registry/IChainNft.sol/IChainNft.json +5 -0
- package/artifacts/contracts/registry/IRegistry.sol/IRegistry.dbg.json +1 -1
- package/artifacts/contracts/registry/IRegistry.sol/IRegistry.json +298 -39
- package/artifacts/contracts/registry/IRegistryService.sol/IRegistryService.dbg.json +4 -0
- package/artifacts/contracts/registry/IRegistryService.sol/IRegistryService.json +745 -0
- package/artifacts/contracts/registry/ITransferInterceptor.sol/ITransferInterceptor.dbg.json +4 -0
- package/artifacts/contracts/registry/ITransferInterceptor.sol/ITransferInterceptor.json +34 -0
- package/artifacts/contracts/registry/Registry.sol/Registry.dbg.json +1 -1
- package/artifacts/contracts/registry/Registry.sol/Registry.json +489 -120
- package/artifacts/contracts/registry/RegistryService.sol/RegistryService.dbg.json +4 -0
- package/artifacts/contracts/registry/RegistryService.sol/RegistryService.json +1013 -0
- package/artifacts/contracts/registry/RegistryServiceManager.sol/RegistryServiceManager.dbg.json +4 -0
- package/artifacts/contracts/registry/RegistryServiceManager.sol/RegistryServiceManager.json +476 -0
- package/artifacts/contracts/shared/ContractDeployerLib.sol/ContractDeployerLib.dbg.json +4 -0
- package/artifacts/contracts/shared/ContractDeployerLib.sol/ContractDeployerLib.json +107 -0
- package/artifacts/contracts/shared/ERC165.sol/ERC165.dbg.json +1 -1
- package/artifacts/contracts/shared/ERC165.sol/ERC165.json +2 -2
- package/artifacts/contracts/shared/INftOwnable.sol/INftOwnable.dbg.json +4 -0
- package/artifacts/contracts/shared/INftOwnable.sol/INftOwnable.json +127 -0
- package/artifacts/contracts/shared/IRegisterable.sol/IRegisterable.dbg.json +1 -1
- package/artifacts/contracts/shared/IRegisterable.sol/IRegisterable.json +117 -37
- package/artifacts/contracts/shared/IVersionable.sol/IVersionable.dbg.json +1 -1
- package/artifacts/contracts/shared/IVersionable.sol/IVersionable.json +55 -14
- package/artifacts/contracts/shared/NftOwnable.sol/NftOwnable.dbg.json +4 -0
- package/artifacts/contracts/shared/NftOwnable.sol/NftOwnable.json +158 -0
- package/artifacts/contracts/shared/ProxyManager.sol/ProxyManager.dbg.json +4 -0
- package/artifacts/contracts/shared/ProxyManager.sol/ProxyManager.json +349 -0
- package/artifacts/contracts/shared/Registerable.sol/Registerable.dbg.json +1 -1
- package/artifacts/contracts/shared/Registerable.sol/Registerable.json +190 -37
- package/artifacts/contracts/shared/TokenHandler.sol/TokenHandler.dbg.json +4 -0
- package/artifacts/contracts/shared/TokenHandler.sol/TokenHandler.json +96 -0
- package/artifacts/contracts/shared/UpgradableProxyWithAdmin.sol/UpgradableProxyWithAdmin.dbg.json +4 -0
- package/artifacts/contracts/shared/UpgradableProxyWithAdmin.sol/UpgradableProxyWithAdmin.json +129 -0
- package/artifacts/contracts/shared/Versionable.sol/Versionable.dbg.json +1 -1
- package/artifacts/contracts/shared/Versionable.sol/Versionable.json +78 -14
- package/artifacts/contracts/test/TestFee.sol/TestFee.dbg.json +1 -1
- package/artifacts/contracts/test/TestFee.sol/TestFee.json +2 -2
- package/artifacts/contracts/test/TestRegisterable.sol/TestRegisterable.dbg.json +1 -1
- package/artifacts/contracts/test/TestRegisterable.sol/TestRegisterable.json +204 -36
- package/artifacts/contracts/test/TestRoleId.sol/TestRoleId.dbg.json +1 -1
- package/artifacts/contracts/test/TestRoleId.sol/TestRoleId.json +5 -111
- package/artifacts/contracts/test/TestService.sol/TestService.dbg.json +1 -1
- package/artifacts/contracts/test/TestService.sol/TestService.json +283 -62
- package/artifacts/contracts/test/TestToken.sol/TestUsdc.dbg.json +1 -1
- package/artifacts/contracts/test/TestVersion.sol/TestVersion.dbg.json +1 -1
- package/artifacts/contracts/test/TestVersion.sol/TestVersion.json +2 -2
- package/artifacts/contracts/test/TestVersionable.sol/TestVersionable.dbg.json +1 -1
- package/artifacts/contracts/test/TestVersionable.sol/TestVersionable.json +103 -23
- package/artifacts/contracts/test/Usdc.sol/USDC.dbg.json +1 -1
- package/artifacts/contracts/types/AddressSet.sol/LibAddressSet.dbg.json +1 -1
- package/artifacts/contracts/types/Blocknumber.sol/BlocknumberLib.dbg.json +1 -1
- package/artifacts/contracts/types/ChainId.sol/ChainIdLib.dbg.json +1 -1
- package/artifacts/contracts/types/DistributorType.sol/DistributorTypeLib.dbg.json +4 -0
- package/artifacts/contracts/types/DistributorType.sol/DistributorTypeLib.json +104 -0
- package/artifacts/contracts/types/Fee.sol/FeeLib.dbg.json +1 -1
- package/artifacts/contracts/types/Fee.sol/FeeLib.json +50 -11
- package/artifacts/contracts/types/Key32.sol/Key32Lib.dbg.json +1 -1
- package/artifacts/contracts/types/Key32.sol/Key32Lib.json +31 -17
- package/artifacts/contracts/types/NftId.sol/NftIdLib.dbg.json +1 -1
- package/artifacts/contracts/types/NftId.sol/NftIdLib.json +2 -2
- package/artifacts/contracts/types/NftIdSet.sol/LibNftIdSet.dbg.json +1 -1
- package/artifacts/contracts/types/NftIdSet.sol/LibNftIdSet.json +2 -2
- package/artifacts/contracts/types/NumberId.sol/NumberIdLib.dbg.json +4 -0
- package/artifacts/contracts/types/NumberId.sol/NumberIdLib.json +100 -0
- package/artifacts/contracts/types/ObjectType.sol/ObjectTypeLib.dbg.json +1 -1
- package/artifacts/contracts/types/ObjectType.sol/ObjectTypeLib.json +2 -2
- package/artifacts/contracts/types/Referral.sol/ReferralLib.dbg.json +4 -0
- package/artifacts/contracts/types/Referral.sol/ReferralLib.json +123 -0
- package/artifacts/contracts/types/RiskId.sol/RiskIdLib.dbg.json +4 -0
- package/artifacts/contracts/types/RiskId.sol/RiskIdLib.json +86 -0
- package/artifacts/contracts/types/RoleId.sol/RoleIdLib.dbg.json +1 -1
- package/artifacts/contracts/types/RoleId.sol/RoleIdLib.json +134 -8
- package/artifacts/contracts/types/StateId.sol/StateIdLib.dbg.json +1 -1
- package/artifacts/contracts/types/StateId.sol/StateIdLib.json +2 -2
- package/artifacts/contracts/types/Timestamp.sol/TimestampLib.dbg.json +1 -1
- package/artifacts/contracts/types/Timestamp.sol/TimestampLib.json +15 -2
- package/artifacts/contracts/types/UFixed.sol/UFixedMathLib.dbg.json +1 -1
- package/artifacts/contracts/types/Version.sol/VersionLib.dbg.json +1 -1
- package/artifacts/contracts/types/Version.sol/VersionLib.json +40 -2
- package/artifacts/contracts/types/Version.sol/VersionPartLib.dbg.json +1 -1
- package/artifacts/contracts/types/Version.sol/VersionPartLib.json +2 -2
- package/contracts/components/IBaseComponent.sol +4 -4
- package/contracts/instance/AccessManagedSimple.sol +114 -0
- package/contracts/instance/AccessManagerSimple.sol +682 -0
- package/contracts/instance/IAccessManagerSimple.sol +391 -0
- package/contracts/instance/IInstance.sol +3 -49
- package/contracts/instance/Instance.sol +378 -54
- package/contracts/instance/InstanceAccessManager.sol +288 -0
- package/contracts/instance/InstanceReader.sol +235 -0
- package/contracts/instance/InstanceService.sol +45 -0
- package/contracts/instance/base/IKeyValueStore.sol +10 -11
- package/contracts/instance/base/ILifecycle.sol +3 -3
- package/contracts/instance/base/KeyValueStore.sol +50 -18
- package/contracts/instance/base/Lifecycle.sol +16 -11
- package/contracts/instance/base/ServiceBase.sol +20 -13
- package/contracts/instance/module/IAccess.sol +38 -0
- package/contracts/instance/module/IBundle.sol +19 -0
- package/contracts/instance/module/IDistribution.sol +39 -0
- package/contracts/instance/module/IPolicy.sol +45 -0
- package/contracts/instance/module/IRisk.sol +11 -0
- package/contracts/instance/module/ISetup.sol +41 -0
- package/contracts/instance/module/ITreasury.sol +23 -0
- package/contracts/registry/ChainNft.sol +43 -15
- package/contracts/registry/IChainNft.sol +3 -2
- package/contracts/registry/IRegistry.sol +42 -26
- package/contracts/registry/IRegistryService.sol +29 -0
- package/contracts/registry/ITransferInterceptor.sol +6 -0
- package/contracts/registry/Registry.sol +384 -274
- package/contracts/registry/RegistryService.sol +369 -0
- package/contracts/registry/RegistryServiceManager.sol +43 -0
- package/contracts/shared/ContractDeployerLib.sol +72 -0
- package/contracts/shared/ERC165.sol +1 -1
- package/contracts/shared/INftOwnable.sol +22 -0
- package/contracts/shared/IRegisterable.sol +9 -16
- package/contracts/shared/IVersionable.sol +55 -11
- package/contracts/shared/NftOwnable.sol +136 -0
- package/contracts/shared/ProxyManager.sol +94 -0
- package/contracts/shared/Registerable.sol +62 -59
- package/contracts/shared/TokenHandler.sol +27 -0
- package/contracts/shared/UpgradableProxyWithAdmin.sol +16 -0
- package/contracts/shared/Versionable.sol +113 -55
- package/contracts/test/TestRegisterable.sol +5 -6
- package/contracts/test/TestRoleId.sol +6 -6
- package/contracts/test/TestService.sol +5 -11
- package/contracts/types/DistributorType.sol +55 -0
- package/contracts/types/Fee.sol +8 -3
- package/contracts/types/Key32.sol +8 -3
- package/contracts/types/NumberId.sol +52 -0
- package/contracts/types/ObjectType.sol +44 -11
- package/contracts/types/Referral.sol +85 -0
- package/contracts/types/RiskId.sol +43 -0
- package/contracts/types/RoleId.sol +47 -10
- package/contracts/types/StateId.sol +1 -1
- package/contracts/types/Timestamp.sol +7 -3
- package/contracts/types/Version.sol +9 -0
- package/package.json +1 -1
- package/artifacts/contracts/components/BaseComponent.sol/BaseComponent.dbg.json +0 -4
- package/artifacts/contracts/components/BaseComponent.sol/BaseComponent.json +0 -174
- package/artifacts/contracts/components/IPoolComponent.sol/IPoolComponent.dbg.json +0 -4
- package/artifacts/contracts/components/IPoolComponent.sol/IPoolComponent.json +0 -356
- package/artifacts/contracts/components/IProductComponent.sol/IProductComponent.dbg.json +0 -4
- package/artifacts/contracts/components/IProductComponent.sol/IProductComponent.json +0 -279
- package/artifacts/contracts/components/Pool.sol/Pool.dbg.json +0 -4
- package/artifacts/contracts/components/Pool.sol/Pool.json +0 -387
- package/artifacts/contracts/components/Product.sol/Product.dbg.json +0 -4
- package/artifacts/contracts/components/Product.sol/Product.json +0 -305
- package/artifacts/contracts/instance/IInstanceLinked.sol/IInstanceLinked.dbg.json +0 -4
- package/artifacts/contracts/instance/IInstanceLinked.sol/IInstanceLinked.json +0 -24
- package/artifacts/contracts/instance/base/ComponentServiceBase.sol/ComponentServiceBase.dbg.json +0 -4
- package/artifacts/contracts/instance/base/ComponentServiceBase.sol/ComponentServiceBase.json +0 -300
- package/artifacts/contracts/instance/base/IInstanceBase.sol/IInstanceBase.dbg.json +0 -4
- package/artifacts/contracts/instance/base/IInstanceBase.sol/IInstanceBase.json +0 -63
- package/artifacts/contracts/instance/base/InstanceBase.sol/InstanceBase.dbg.json +0 -4
- package/artifacts/contracts/instance/base/InstanceBase.sol/InstanceBase.json +0 -326
- package/artifacts/contracts/instance/base/ModuleBase.sol/ModuleBase.dbg.json +0 -4
- package/artifacts/contracts/instance/module/access/Access.sol/AccessModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/access/Access.sol/AccessModule.json +0 -333
- package/artifacts/contracts/instance/module/access/IAccess.sol/IAccess.dbg.json +0 -4
- package/artifacts/contracts/instance/module/access/IAccess.sol/IAccessModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/access/IAccess.sol/IAccessModule.json +0 -333
- package/artifacts/contracts/instance/module/bundle/BundleModule.sol/BundleModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/bundle/BundleModule.sol/BundleModule.json +0 -296
- package/artifacts/contracts/instance/module/bundle/IBundle.sol/IBundle.dbg.json +0 -4
- package/artifacts/contracts/instance/module/bundle/IBundle.sol/IBundleModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/bundle/IBundle.sol/IBundleModule.json +0 -296
- package/artifacts/contracts/instance/module/compensation/CompensationModule.sol/CompensationModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/compensation/CompensationModule.sol/CompensationModule.json +0 -10
- package/artifacts/contracts/instance/module/compensation/ICompensation.sol/ICompensation.dbg.json +0 -4
- package/artifacts/contracts/instance/module/compensation/ICompensation.sol/ICompensation.json +0 -10
- package/artifacts/contracts/instance/module/compensation/ICompensation.sol/ICompensationModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/compensation/ICompensation.sol/ICompensationModule.json +0 -10
- package/artifacts/contracts/instance/module/component/ComponentModule.sol/ComponentModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/component/ComponentModule.sol/ComponentModule.json +0 -241
- package/artifacts/contracts/instance/module/component/IComponent.sol/IComponent.dbg.json +0 -4
- package/artifacts/contracts/instance/module/component/IComponent.sol/IComponent.json +0 -10
- package/artifacts/contracts/instance/module/component/IComponent.sol/IComponentModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/component/IComponent.sol/IComponentModule.json +0 -241
- package/artifacts/contracts/instance/module/policy/IPolicy.sol/IPolicy.dbg.json +0 -4
- package/artifacts/contracts/instance/module/policy/IPolicy.sol/IPolicyModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/policy/IPolicy.sol/IPolicyModule.json +0 -271
- package/artifacts/contracts/instance/module/policy/PolicyModule.sol/PolicyModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/policy/PolicyModule.sol/PolicyModule.json +0 -271
- package/artifacts/contracts/instance/module/pool/IPoolModule.sol/IPool.dbg.json +0 -4
- package/artifacts/contracts/instance/module/pool/IPoolModule.sol/IPool.json +0 -10
- package/artifacts/contracts/instance/module/pool/IPoolModule.sol/IPoolModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/pool/IPoolModule.sol/IPoolModule.json +0 -149
- package/artifacts/contracts/instance/module/pool/PoolModule.sol/PoolModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/pool/PoolModule.sol/PoolModule.json +0 -149
- package/artifacts/contracts/instance/module/risk/IRisk.sol/IRisk.dbg.json +0 -4
- package/artifacts/contracts/instance/module/risk/IRisk.sol/IRiskModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/risk/IRisk.sol/IRiskModule.json +0 -10
- package/artifacts/contracts/instance/module/risk/RiskModule.sol/RiskModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/risk/RiskModule.sol/RiskModule.json +0 -10
- package/artifacts/contracts/instance/module/treasury/ITreasury.sol/ITreasury.dbg.json +0 -4
- package/artifacts/contracts/instance/module/treasury/ITreasury.sol/ITreasuryModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/treasury/ITreasury.sol/ITreasuryModule.json +0 -533
- package/artifacts/contracts/instance/module/treasury/TokenHandler.sol/TokenHandler.dbg.json +0 -4
- package/artifacts/contracts/instance/module/treasury/TokenHandler.sol/TokenHandler.json +0 -76
- package/artifacts/contracts/instance/module/treasury/TreasuryModule.sol/TreasuryModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/treasury/TreasuryModule.sol/TreasuryModule.json +0 -533
- package/artifacts/contracts/instance/service/ComponentOwnerService.sol/ComponentOwnerService.dbg.json +0 -4
- package/artifacts/contracts/instance/service/ComponentOwnerService.sol/ComponentOwnerService.json +0 -507
- package/artifacts/contracts/instance/service/IComponentOwnerService.sol/IComponentOwnerService.dbg.json +0 -4
- package/artifacts/contracts/instance/service/IComponentOwnerService.sol/IComponentOwnerService.json +0 -364
- package/artifacts/contracts/instance/service/IPoolService.sol/IPoolService.dbg.json +0 -4
- package/artifacts/contracts/instance/service/IPoolService.sol/IPoolService.json +0 -376
- package/artifacts/contracts/instance/service/IProductService.sol/IProductService.dbg.json +0 -4
- package/artifacts/contracts/instance/service/IProductService.sol/IProductService.json +0 -477
- package/artifacts/contracts/instance/service/PoolService.sol/PoolService.dbg.json +0 -4
- package/artifacts/contracts/instance/service/PoolService.sol/PoolService.json +0 -471
- package/artifacts/contracts/instance/service/ProductService.sol/ProductService.dbg.json +0 -4
- package/artifacts/contracts/instance/service/ProductService.sol/ProductService.json +0 -673
- package/artifacts/contracts/registry/IRegistryLinked.sol/IRegistryLinked.dbg.json +0 -4
- package/artifacts/contracts/registry/IRegistryLinked.sol/IRegistryLinked.json +0 -24
- package/artifacts/contracts/shared/IOwnable.sol/IOwnable.dbg.json +0 -4
- package/artifacts/contracts/shared/IOwnable.sol/IOwnable.json +0 -24
- package/artifacts/contracts/test/TestPool.sol/TestPool.dbg.json +0 -4
- package/artifacts/contracts/test/TestPool.sol/TestPool.json +0 -387
- package/artifacts/contracts/test/TestProduct.sol/TestProduct.dbg.json +0 -4
- package/artifacts/contracts/test/TestProduct.sol/TestProduct.json +0 -393
- package/contracts/components/BaseComponent.sol +0 -88
- package/contracts/components/IPoolComponent.sol +0 -57
- package/contracts/components/IProductComponent.sol +0 -19
- package/contracts/components/Pool.sol +0 -174
- package/contracts/components/Product.sol +0 -117
- package/contracts/experiment/statemachine/README.md +0 -112
- package/contracts/instance/IInstanceLinked.sol +0 -8
- package/contracts/instance/base/ComponentServiceBase.sol +0 -42
- package/contracts/instance/base/IInstanceBase.sol +0 -14
- package/contracts/instance/base/InstanceBase.sol +0 -80
- package/contracts/instance/base/ModuleBase.sol +0 -52
- package/contracts/instance/module/access/Access.sol +0 -149
- package/contracts/instance/module/access/IAccess.sol +0 -53
- package/contracts/instance/module/bundle/BundleModule.sol +0 -136
- package/contracts/instance/module/bundle/IBundle.sol +0 -58
- package/contracts/instance/module/compensation/CompensationModule.sol +0 -8
- package/contracts/instance/module/compensation/ICompensation.sol +0 -10
- package/contracts/instance/module/component/ComponentModule.sol +0 -104
- package/contracts/instance/module/component/IComponent.sol +0 -63
- package/contracts/instance/module/policy/IPolicy.sol +0 -61
- package/contracts/instance/module/policy/PolicyModule.sol +0 -77
- package/contracts/instance/module/pool/IPoolModule.sol +0 -41
- package/contracts/instance/module/pool/PoolModule.sol +0 -87
- package/contracts/instance/module/risk/IRisk.sol +0 -10
- package/contracts/instance/module/risk/RiskModule.sol +0 -8
- package/contracts/instance/module/treasury/ITreasury.sol +0 -103
- package/contracts/instance/module/treasury/TokenHandler.sol +0 -48
- package/contracts/instance/module/treasury/TreasuryModule.sol +0 -152
- package/contracts/instance/service/ComponentOwnerService.sol +0 -176
- package/contracts/instance/service/IComponentOwnerService.sol +0 -22
- package/contracts/instance/service/IPoolService.sol +0 -30
- package/contracts/instance/service/IProductService.sol +0 -58
- package/contracts/instance/service/PoolService.sol +0 -123
- package/contracts/instance/service/ProductService.sol +0 -354
- package/contracts/registry/IRegistryLinked.sol +0 -8
- package/contracts/shared/IOwnable.sol +0 -6
- package/contracts/test/TestPool.sol +0 -22
- package/contracts/test/TestProduct.sol +0 -44
@@ -0,0 +1,682 @@
|
|
1
|
+
// SPDX-License-Identifier: Apache-2.0
|
2
|
+
pragma solidity ^0.8.20;
|
3
|
+
|
4
|
+
import {Context} from "@openzeppelin5/contracts/utils/Context.sol";
|
5
|
+
import {IAccessManaged} from "@openzeppelin5/contracts/access/manager/IAccessManaged.sol";
|
6
|
+
|
7
|
+
import {IAccessManagerSimple} from "./IAccessManagerSimple.sol";
|
8
|
+
|
9
|
+
type Delay is uint112;
|
10
|
+
|
11
|
+
// @dev as oz5 AccessManager but without multicall and without timing logic
|
12
|
+
contract AccessManagerSimple is Context, IAccessManagerSimple {
|
13
|
+
// Structure that stores the details for a target contract.
|
14
|
+
struct TargetConfig {
|
15
|
+
mapping(bytes4 selector => uint64 roleId) allowedRoles;
|
16
|
+
uint112 adminDelay;
|
17
|
+
bool closed;
|
18
|
+
}
|
19
|
+
|
20
|
+
// Structure that stores the details for a role/account pair. This structures fit into a single slot.
|
21
|
+
struct Access {
|
22
|
+
// Timepoint at which the user gets the permission.
|
23
|
+
// If this is either 0 or in the future, then the role permission is not available.
|
24
|
+
uint48 since;
|
25
|
+
// Delay for execution. Only applies to restricted() / execute() calls.
|
26
|
+
Delay delay;
|
27
|
+
}
|
28
|
+
|
29
|
+
// Structure that stores the details of a role.
|
30
|
+
struct Role {
|
31
|
+
// Members of the role.
|
32
|
+
mapping(address user => Access access) members;
|
33
|
+
// Admin who can grant or revoke permissions.
|
34
|
+
uint64 admin;
|
35
|
+
// Guardian who can cancel operations targeting functions that need this role.
|
36
|
+
uint64 guardian;
|
37
|
+
// Delay in which the role takes effect after being granted.
|
38
|
+
Delay grantDelay;
|
39
|
+
}
|
40
|
+
|
41
|
+
// Structure that stores the details for a scheduled operation. This structure fits into a single slot.
|
42
|
+
struct Schedule {
|
43
|
+
// Moment at which the operation can be executed.
|
44
|
+
uint48 timepoint;
|
45
|
+
// Operation nonce to allow third-party contracts to identify the operation.
|
46
|
+
uint32 nonce;
|
47
|
+
}
|
48
|
+
|
49
|
+
uint64 public constant ADMIN_ROLE = type(uint64).min; // 0
|
50
|
+
uint64 public constant PUBLIC_ROLE = type(uint64).max; // 2**64-1
|
51
|
+
|
52
|
+
mapping(address target => TargetConfig mode) private _targets;
|
53
|
+
mapping(uint64 roleId => Role) private _roles;
|
54
|
+
mapping(bytes32 operationId => Schedule) private _schedules;
|
55
|
+
|
56
|
+
// Used to identify operations that are currently being executed via {execute}.
|
57
|
+
// This should be transient storage when supported by the EVM.
|
58
|
+
bytes32 private _executionId;
|
59
|
+
|
60
|
+
/**
|
61
|
+
* @dev Check that the caller is authorized to perform the operation, following the restrictions encoded in
|
62
|
+
* {_getAdminRestrictions}.
|
63
|
+
*/
|
64
|
+
modifier onlyAuthorized() {
|
65
|
+
_checkAuthorized();
|
66
|
+
_;
|
67
|
+
}
|
68
|
+
|
69
|
+
constructor(address initialAdmin) {
|
70
|
+
if (initialAdmin == address(0)) {
|
71
|
+
revert AccessManagerInvalidInitialAdmin(address(0));
|
72
|
+
}
|
73
|
+
|
74
|
+
// admin is active immediately and without any execution delay.
|
75
|
+
_grantRole(ADMIN_ROLE, initialAdmin, 0, 0);
|
76
|
+
}
|
77
|
+
|
78
|
+
// =================================================== GETTERS ====================================================
|
79
|
+
/// @inheritdoc IAccessManagerSimple
|
80
|
+
function canCall(
|
81
|
+
address caller,
|
82
|
+
address target,
|
83
|
+
bytes4 selector
|
84
|
+
) public view virtual returns (bool immediate, uint32 delay) {
|
85
|
+
if (isTargetClosed(target)) {
|
86
|
+
return (false, 0);
|
87
|
+
// } else if (caller == address(this)) {
|
88
|
+
// // Caller is AccessManager, this means the call was sent through {execute} and it already checked
|
89
|
+
// // permissions. We verify that the call "identifier", which is set during {execute}, is correct.
|
90
|
+
// return (_isExecuting(target, selector), 0);
|
91
|
+
} else {
|
92
|
+
uint64 roleId = getTargetFunctionRole(target, selector);
|
93
|
+
(bool isMember, uint32 currentDelay) = hasRole(roleId, caller);
|
94
|
+
return isMember ? (currentDelay == 0, currentDelay) : (false, 0);
|
95
|
+
}
|
96
|
+
}
|
97
|
+
|
98
|
+
/// @inheritdoc IAccessManagerSimple
|
99
|
+
function expiration() public view virtual returns (uint32) {
|
100
|
+
return 1 weeks;
|
101
|
+
}
|
102
|
+
|
103
|
+
/// @inheritdoc IAccessManagerSimple
|
104
|
+
function minSetback() public view virtual returns (uint32) {
|
105
|
+
return 5 days;
|
106
|
+
}
|
107
|
+
|
108
|
+
/// @inheritdoc IAccessManagerSimple
|
109
|
+
function isTargetClosed(address target) public view virtual returns (bool) {
|
110
|
+
return _targets[target].closed;
|
111
|
+
}
|
112
|
+
|
113
|
+
/// @inheritdoc IAccessManagerSimple
|
114
|
+
function getTargetFunctionRole(address target, bytes4 selector) public view virtual returns (uint64) {
|
115
|
+
return _targets[target].allowedRoles[selector];
|
116
|
+
}
|
117
|
+
|
118
|
+
/// @inheritdoc IAccessManagerSimple
|
119
|
+
function getTargetAdminDelay(address target) public view virtual returns (uint32) {
|
120
|
+
// return _targets[target].adminDelay.get();
|
121
|
+
}
|
122
|
+
|
123
|
+
/// @inheritdoc IAccessManagerSimple
|
124
|
+
function getRoleAdmin(uint64 roleId) public view virtual returns (uint64) {
|
125
|
+
return _roles[roleId].admin;
|
126
|
+
}
|
127
|
+
|
128
|
+
/// @inheritdoc IAccessManagerSimple
|
129
|
+
function getRoleGuardian(uint64 roleId) public view virtual returns (uint64) {
|
130
|
+
return _roles[roleId].guardian;
|
131
|
+
}
|
132
|
+
|
133
|
+
/// @inheritdoc IAccessManagerSimple
|
134
|
+
function getRoleGrantDelay(uint64 roleId) public view virtual returns (uint32) {
|
135
|
+
// return _roles[roleId].grantDelay.get();
|
136
|
+
}
|
137
|
+
|
138
|
+
/// @inheritdoc IAccessManagerSimple
|
139
|
+
function getAccess(
|
140
|
+
uint64 roleId,
|
141
|
+
address account
|
142
|
+
) public view virtual returns (uint48 since, uint32 currentDelay, uint32 pendingDelay, uint48 effect) {
|
143
|
+
Access storage access = _roles[roleId].members[account];
|
144
|
+
|
145
|
+
since = access.since;
|
146
|
+
// (currentDelay, pendingDelay, effect) = access.delay.getFull();
|
147
|
+
|
148
|
+
return (since, currentDelay, pendingDelay, effect);
|
149
|
+
}
|
150
|
+
|
151
|
+
/// @inheritdoc IAccessManagerSimple
|
152
|
+
function hasRole(
|
153
|
+
uint64 roleId,
|
154
|
+
address account
|
155
|
+
) public view virtual returns (bool isMember, uint32 executionDelay) {
|
156
|
+
if (roleId == PUBLIC_ROLE) {
|
157
|
+
return (true, 0);
|
158
|
+
} else {
|
159
|
+
(uint48 hasRoleSince, uint32 currentDelay, , ) = getAccess(roleId, account);
|
160
|
+
// return (hasRoleSince != 0 && hasRoleSince <= Time.timestamp(), currentDelay);
|
161
|
+
return (hasRoleSince != 0 && hasRoleSince <= uint48(block.timestamp), currentDelay);
|
162
|
+
}
|
163
|
+
}
|
164
|
+
|
165
|
+
// =============================================== ROLE MANAGEMENT ===============================================
|
166
|
+
/// @inheritdoc IAccessManagerSimple
|
167
|
+
function labelRole(uint64 roleId, string calldata label) public virtual onlyAuthorized {
|
168
|
+
if (roleId == ADMIN_ROLE || roleId == PUBLIC_ROLE) {
|
169
|
+
revert AccessManagerLockedRole(roleId);
|
170
|
+
}
|
171
|
+
emit RoleLabel(roleId, label);
|
172
|
+
}
|
173
|
+
|
174
|
+
/// @inheritdoc IAccessManagerSimple
|
175
|
+
function grantRole(uint64 roleId, address account, uint32 executionDelay) public virtual onlyAuthorized {
|
176
|
+
_grantRole(roleId, account, getRoleGrantDelay(roleId), executionDelay);
|
177
|
+
}
|
178
|
+
|
179
|
+
/// @inheritdoc IAccessManagerSimple
|
180
|
+
function revokeRole(uint64 roleId, address account) public virtual onlyAuthorized {
|
181
|
+
_revokeRole(roleId, account);
|
182
|
+
}
|
183
|
+
|
184
|
+
/// @inheritdoc IAccessManagerSimple
|
185
|
+
function renounceRole(uint64 roleId, address callerConfirmation) public virtual {
|
186
|
+
if (callerConfirmation != _msgSender()) {
|
187
|
+
revert AccessManagerBadConfirmation();
|
188
|
+
}
|
189
|
+
_revokeRole(roleId, callerConfirmation);
|
190
|
+
}
|
191
|
+
|
192
|
+
/// @inheritdoc IAccessManagerSimple
|
193
|
+
function setRoleAdmin(uint64 roleId, uint64 admin) public virtual onlyAuthorized {
|
194
|
+
_setRoleAdmin(roleId, admin);
|
195
|
+
}
|
196
|
+
|
197
|
+
/// @inheritdoc IAccessManagerSimple
|
198
|
+
function setRoleGuardian(uint64 roleId, uint64 guardian) public virtual onlyAuthorized {
|
199
|
+
_setRoleGuardian(roleId, guardian);
|
200
|
+
}
|
201
|
+
|
202
|
+
/// @inheritdoc IAccessManagerSimple
|
203
|
+
function setGrantDelay(uint64 roleId, uint32 newDelay) public virtual onlyAuthorized {
|
204
|
+
// _setGrantDelay(roleId, newDelay);
|
205
|
+
}
|
206
|
+
|
207
|
+
/**
|
208
|
+
* @dev Internal version of {grantRole} without access control. Returns true if the role was newly granted.
|
209
|
+
*
|
210
|
+
* Emits a {RoleGranted} event.
|
211
|
+
*/
|
212
|
+
function _grantRole(
|
213
|
+
uint64 roleId,
|
214
|
+
address account,
|
215
|
+
uint32 grantDelay,
|
216
|
+
uint32 executionDelay
|
217
|
+
) internal virtual returns (bool) {
|
218
|
+
if (roleId == PUBLIC_ROLE) {
|
219
|
+
revert AccessManagerLockedRole(roleId);
|
220
|
+
}
|
221
|
+
|
222
|
+
bool newMember = _roles[roleId].members[account].since == 0;
|
223
|
+
uint48 since;
|
224
|
+
|
225
|
+
if (newMember) {
|
226
|
+
since = uint48(block.timestamp); // Time.timestamp() + grantDelay;
|
227
|
+
_roles[roleId].members[account] = Access({since: since, delay: Delay.wrap(0)});
|
228
|
+
}
|
229
|
+
// else {
|
230
|
+
// // No setback here. Value can be reset by doing revoke + grant, effectively allowing the admin to perform
|
231
|
+
// // any change to the execution delay within the duration of the role admin delay.
|
232
|
+
// (_roles[roleId].members[account].delay, since) = _roles[roleId].members[account].delay.withUpdate(
|
233
|
+
// executionDelay,
|
234
|
+
// 0
|
235
|
+
// );
|
236
|
+
// }
|
237
|
+
|
238
|
+
emit RoleGranted(roleId, account, executionDelay, since, newMember);
|
239
|
+
return newMember;
|
240
|
+
}
|
241
|
+
|
242
|
+
/**
|
243
|
+
* @dev Internal version of {revokeRole} without access control. This logic is also used by {renounceRole}.
|
244
|
+
* Returns true if the role was previously granted.
|
245
|
+
*
|
246
|
+
* Emits a {RoleRevoked} event if the account had the role.
|
247
|
+
*/
|
248
|
+
function _revokeRole(uint64 roleId, address account) internal virtual returns (bool) {
|
249
|
+
if (roleId == PUBLIC_ROLE) {
|
250
|
+
revert AccessManagerLockedRole(roleId);
|
251
|
+
}
|
252
|
+
|
253
|
+
if (_roles[roleId].members[account].since == 0) {
|
254
|
+
return false;
|
255
|
+
}
|
256
|
+
|
257
|
+
delete _roles[roleId].members[account];
|
258
|
+
|
259
|
+
emit RoleRevoked(roleId, account);
|
260
|
+
return true;
|
261
|
+
}
|
262
|
+
|
263
|
+
/**
|
264
|
+
* @dev Internal version of {setRoleAdmin} without access control.
|
265
|
+
*
|
266
|
+
* Emits a {RoleAdminChanged} event.
|
267
|
+
*
|
268
|
+
* NOTE: Setting the admin role as the `PUBLIC_ROLE` is allowed, but it will effectively allow
|
269
|
+
* anyone to set grant or revoke such role.
|
270
|
+
*/
|
271
|
+
function _setRoleAdmin(uint64 roleId, uint64 admin) internal virtual {
|
272
|
+
if (roleId == ADMIN_ROLE || roleId == PUBLIC_ROLE) {
|
273
|
+
revert AccessManagerLockedRole(roleId);
|
274
|
+
}
|
275
|
+
|
276
|
+
_roles[roleId].admin = admin;
|
277
|
+
|
278
|
+
emit RoleAdminChanged(roleId, admin);
|
279
|
+
}
|
280
|
+
|
281
|
+
/**
|
282
|
+
* @dev Internal version of {setRoleGuardian} without access control.
|
283
|
+
*
|
284
|
+
* Emits a {RoleGuardianChanged} event.
|
285
|
+
*
|
286
|
+
* NOTE: Setting the guardian role as the `PUBLIC_ROLE` is allowed, but it will effectively allow
|
287
|
+
* anyone to cancel any scheduled operation for such role.
|
288
|
+
*/
|
289
|
+
function _setRoleGuardian(uint64 roleId, uint64 guardian) internal virtual {
|
290
|
+
if (roleId == ADMIN_ROLE || roleId == PUBLIC_ROLE) {
|
291
|
+
revert AccessManagerLockedRole(roleId);
|
292
|
+
}
|
293
|
+
|
294
|
+
_roles[roleId].guardian = guardian;
|
295
|
+
|
296
|
+
emit RoleGuardianChanged(roleId, guardian);
|
297
|
+
}
|
298
|
+
|
299
|
+
/**
|
300
|
+
* @dev Internal version of {setGrantDelay} without access control.
|
301
|
+
*
|
302
|
+
* Emits a {RoleGrantDelayChanged} event.
|
303
|
+
*/
|
304
|
+
// function _setGrantDelay(uint64 roleId, uint32 newDelay) internal virtual {
|
305
|
+
// if (roleId == PUBLIC_ROLE) {
|
306
|
+
// revert AccessManagerLockedRole(roleId);
|
307
|
+
// }
|
308
|
+
|
309
|
+
// uint48 effect;
|
310
|
+
// (_roles[roleId].grantDelay, effect) = _roles[roleId].grantDelay.withUpdate(newDelay, minSetback());
|
311
|
+
|
312
|
+
// emit RoleGrantDelayChanged(roleId, newDelay, effect);
|
313
|
+
// }
|
314
|
+
|
315
|
+
// ============================================= FUNCTION MANAGEMENT ==============================================
|
316
|
+
/// @inheritdoc IAccessManagerSimple
|
317
|
+
function setTargetFunctionRole(
|
318
|
+
address target,
|
319
|
+
bytes4[] calldata selectors,
|
320
|
+
uint64 roleId
|
321
|
+
) public virtual onlyAuthorized {
|
322
|
+
for (uint256 i = 0; i < selectors.length; ++i) {
|
323
|
+
_setTargetFunctionRole(target, selectors[i], roleId);
|
324
|
+
}
|
325
|
+
}
|
326
|
+
|
327
|
+
/**
|
328
|
+
* @dev Internal version of {setTargetFunctionRole} without access control.
|
329
|
+
*
|
330
|
+
* Emits a {TargetFunctionRoleUpdated} event.
|
331
|
+
*/
|
332
|
+
function _setTargetFunctionRole(address target, bytes4 selector, uint64 roleId) internal virtual {
|
333
|
+
_targets[target].allowedRoles[selector] = roleId;
|
334
|
+
emit TargetFunctionRoleUpdated(target, selector, roleId);
|
335
|
+
}
|
336
|
+
|
337
|
+
/// @inheritdoc IAccessManagerSimple
|
338
|
+
function setTargetAdminDelay(address target, uint32 newDelay) public virtual onlyAuthorized {
|
339
|
+
// _setTargetAdminDelay(target, newDelay);
|
340
|
+
}
|
341
|
+
|
342
|
+
/**
|
343
|
+
* @dev Internal version of {setTargetAdminDelay} without access control.
|
344
|
+
*
|
345
|
+
* Emits a {TargetAdminDelayUpdated} event.
|
346
|
+
*/
|
347
|
+
// function _setTargetAdminDelay(address target, uint32 newDelay) internal virtual {
|
348
|
+
// uint48 effect;
|
349
|
+
// (_targets[target].adminDelay, effect) = _targets[target].adminDelay.withUpdate(newDelay, minSetback());
|
350
|
+
|
351
|
+
// emit TargetAdminDelayUpdated(target, newDelay, effect);
|
352
|
+
// }
|
353
|
+
|
354
|
+
// =============================================== MODE MANAGEMENT ================================================
|
355
|
+
/// @inheritdoc IAccessManagerSimple
|
356
|
+
function setTargetClosed(address target, bool closed) public virtual onlyAuthorized {
|
357
|
+
_setTargetClosed(target, closed);
|
358
|
+
}
|
359
|
+
|
360
|
+
/**
|
361
|
+
* @dev Set the closed flag for a contract. This is an internal setter with no access restrictions.
|
362
|
+
*
|
363
|
+
* Emits a {TargetClosed} event.
|
364
|
+
*/
|
365
|
+
function _setTargetClosed(address target, bool closed) internal virtual {
|
366
|
+
if (target == address(this)) {
|
367
|
+
revert AccessManagerLockedAccount(target);
|
368
|
+
}
|
369
|
+
_targets[target].closed = closed;
|
370
|
+
emit TargetClosed(target, closed);
|
371
|
+
}
|
372
|
+
|
373
|
+
// ============================================== DELAYED OPERATIONS ==============================================
|
374
|
+
/// @inheritdoc IAccessManagerSimple
|
375
|
+
function getSchedule(bytes32 id) public view virtual returns (uint48) {
|
376
|
+
// uint48 timepoint = _schedules[id].timepoint;
|
377
|
+
// return _isExpired(timepoint) ? 0 : timepoint;
|
378
|
+
}
|
379
|
+
|
380
|
+
/// @inheritdoc IAccessManagerSimple
|
381
|
+
function getNonce(bytes32 id) public view virtual returns (uint32) {
|
382
|
+
// return _schedules[id].nonce;
|
383
|
+
}
|
384
|
+
|
385
|
+
/// @inheritdoc IAccessManagerSimple
|
386
|
+
function schedule(
|
387
|
+
address target,
|
388
|
+
bytes calldata data,
|
389
|
+
uint48 when
|
390
|
+
) public virtual returns (bytes32 operationId, uint32 nonce) {
|
391
|
+
// address caller = _msgSender();
|
392
|
+
|
393
|
+
// // Fetch restrictions that apply to the caller on the targeted function
|
394
|
+
// (, uint32 setback) = _canCallExtended(caller, target, data);
|
395
|
+
|
396
|
+
// uint48 minWhen = Time.timestamp() + setback;
|
397
|
+
|
398
|
+
// // if call with delay is not authorized, or if requested timing is too soon
|
399
|
+
// if (setback == 0 || (when > 0 && when < minWhen)) {
|
400
|
+
// revert AccessManagerUnauthorizedCall(caller, target, _checkSelector(data));
|
401
|
+
// }
|
402
|
+
|
403
|
+
// // Reuse variable due to stack too deep
|
404
|
+
// when = uint48(Math.max(when, minWhen)); // cast is safe: both inputs are uint48
|
405
|
+
|
406
|
+
// // If caller is authorised, schedule operation
|
407
|
+
// operationId = hashOperation(caller, target, data);
|
408
|
+
|
409
|
+
// _checkNotScheduled(operationId);
|
410
|
+
|
411
|
+
// unchecked {
|
412
|
+
// // It's not feasible to overflow the nonce in less than 1000 years
|
413
|
+
// nonce = _schedules[operationId].nonce + 1;
|
414
|
+
// }
|
415
|
+
// _schedules[operationId].timepoint = when;
|
416
|
+
// _schedules[operationId].nonce = nonce;
|
417
|
+
// emit OperationScheduled(operationId, nonce, when, caller, target, data);
|
418
|
+
|
419
|
+
// // Using named return values because otherwise we get stack too deep
|
420
|
+
}
|
421
|
+
|
422
|
+
/**
|
423
|
+
* @dev Reverts if the operation is currently scheduled and has not expired.
|
424
|
+
* (Note: This function was introduced due to stack too deep errors in schedule.)
|
425
|
+
*/
|
426
|
+
// function _checkNotScheduled(bytes32 operationId) private view {
|
427
|
+
// uint48 prevTimepoint = _schedules[operationId].timepoint;
|
428
|
+
// if (prevTimepoint != 0 && !_isExpired(prevTimepoint)) {
|
429
|
+
// revert AccessManagerAlreadyScheduled(operationId);
|
430
|
+
// }
|
431
|
+
// }
|
432
|
+
|
433
|
+
/// @inheritdoc IAccessManagerSimple
|
434
|
+
// Reentrancy is not an issue because permissions are checked on msg.sender. Additionally,
|
435
|
+
// _consumeScheduledOp guarantees a scheduled operation is only executed once.
|
436
|
+
// slither-disable-next-line reentrancy-no-eth
|
437
|
+
function execute(address target, bytes calldata data) public payable virtual returns (uint32) {
|
438
|
+
// address caller = _msgSender();
|
439
|
+
|
440
|
+
// // Fetch restrictions that apply to the caller on the targeted function
|
441
|
+
// (bool immediate, uint32 setback) = _canCallExtended(caller, target, data);
|
442
|
+
|
443
|
+
// // If caller is not authorised, revert
|
444
|
+
// if (!immediate && setback == 0) {
|
445
|
+
// revert AccessManagerUnauthorizedCall(caller, target, _checkSelector(data));
|
446
|
+
// }
|
447
|
+
|
448
|
+
// bytes32 operationId = hashOperation(caller, target, data);
|
449
|
+
// uint32 nonce;
|
450
|
+
|
451
|
+
// // If caller is authorised, check operation was scheduled early enough
|
452
|
+
// // Consume an available schedule even if there is no currently enforced delay
|
453
|
+
// if (setback != 0 || getSchedule(operationId) != 0) {
|
454
|
+
// nonce = _consumeScheduledOp(operationId);
|
455
|
+
// }
|
456
|
+
|
457
|
+
// // Mark the target and selector as authorised
|
458
|
+
// bytes32 executionIdBefore = _executionId;
|
459
|
+
// _executionId = _hashExecutionId(target, _checkSelector(data));
|
460
|
+
|
461
|
+
// // Perform call
|
462
|
+
// Address.functionCallWithValue(target, data, msg.value);
|
463
|
+
|
464
|
+
// // Reset execute identifier
|
465
|
+
// _executionId = executionIdBefore;
|
466
|
+
|
467
|
+
// return nonce;
|
468
|
+
}
|
469
|
+
|
470
|
+
/// @inheritdoc IAccessManagerSimple
|
471
|
+
function cancel(address caller, address target, bytes calldata data) public virtual returns (uint32) {
|
472
|
+
// address msgsender = _msgSender();
|
473
|
+
// bytes4 selector = _checkSelector(data);
|
474
|
+
|
475
|
+
// bytes32 operationId = hashOperation(caller, target, data);
|
476
|
+
// if (_schedules[operationId].timepoint == 0) {
|
477
|
+
// revert AccessManagerNotScheduled(operationId);
|
478
|
+
// } else if (caller != msgsender) {
|
479
|
+
// // calls can only be canceled by the account that scheduled them, a global admin, or by a guardian of the required role.
|
480
|
+
// (bool isAdmin, ) = hasRole(ADMIN_ROLE, msgsender);
|
481
|
+
// (bool isGuardian, ) = hasRole(getRoleGuardian(getTargetFunctionRole(target, selector)), msgsender);
|
482
|
+
// if (!isAdmin && !isGuardian) {
|
483
|
+
// revert AccessManagerUnauthorizedCancel(msgsender, caller, target, selector);
|
484
|
+
// }
|
485
|
+
// }
|
486
|
+
|
487
|
+
// delete _schedules[operationId].timepoint; // reset the timepoint, keep the nonce
|
488
|
+
// uint32 nonce = _schedules[operationId].nonce;
|
489
|
+
// emit OperationCanceled(operationId, nonce);
|
490
|
+
|
491
|
+
// return nonce;
|
492
|
+
}
|
493
|
+
|
494
|
+
/// @inheritdoc IAccessManagerSimple
|
495
|
+
function consumeScheduledOp(address caller, bytes calldata data) public virtual {
|
496
|
+
// address target = _msgSender();
|
497
|
+
// if (IAccessManaged(target).isConsumingScheduledOp() != IAccessManaged.isConsumingScheduledOp.selector) {
|
498
|
+
// revert AccessManagerUnauthorizedConsume(target);
|
499
|
+
// }
|
500
|
+
// _consumeScheduledOp(hashOperation(caller, target, data));
|
501
|
+
}
|
502
|
+
|
503
|
+
// /**
|
504
|
+
// * @dev Internal variant of {consumeScheduledOp} that operates on bytes32 operationId.
|
505
|
+
// *
|
506
|
+
// * Returns the nonce of the scheduled operation that is consumed.
|
507
|
+
// */
|
508
|
+
// function _consumeScheduledOp(bytes32 operationId) internal virtual returns (uint32) {
|
509
|
+
// uint48 timepoint = _schedules[operationId].timepoint;
|
510
|
+
// uint32 nonce = _schedules[operationId].nonce;
|
511
|
+
|
512
|
+
// if (timepoint == 0) {
|
513
|
+
// revert AccessManagerNotScheduled(operationId);
|
514
|
+
// } else if (timepoint > Time.timestamp()) {
|
515
|
+
// revert AccessManagerNotReady(operationId);
|
516
|
+
// } else if (_isExpired(timepoint)) {
|
517
|
+
// revert AccessManagerExpired(operationId);
|
518
|
+
// }
|
519
|
+
|
520
|
+
// delete _schedules[operationId].timepoint; // reset the timepoint, keep the nonce
|
521
|
+
// emit OperationExecuted(operationId, nonce);
|
522
|
+
|
523
|
+
// return nonce;
|
524
|
+
// }
|
525
|
+
|
526
|
+
/// @inheritdoc IAccessManagerSimple
|
527
|
+
function hashOperation(address caller, address target, bytes calldata data) public view virtual returns (bytes32) {
|
528
|
+
return keccak256(abi.encode(caller, target, data));
|
529
|
+
}
|
530
|
+
|
531
|
+
// ==================================================== OTHERS ====================================================
|
532
|
+
/// @inheritdoc IAccessManagerSimple
|
533
|
+
function updateAuthority(address target, address newAuthority) public virtual onlyAuthorized {
|
534
|
+
IAccessManaged(target).setAuthority(newAuthority);
|
535
|
+
}
|
536
|
+
|
537
|
+
// ================================================= ADMIN LOGIC ==================================================
|
538
|
+
/**
|
539
|
+
* @dev Check if the current call is authorized according to admin logic.
|
540
|
+
*/
|
541
|
+
function _checkAuthorized() private {
|
542
|
+
address caller = _msgSender();
|
543
|
+
(bool immediate, uint32 delay) = _canCallSelf(caller, _msgData());
|
544
|
+
if (!immediate) {
|
545
|
+
if (delay == 0) {
|
546
|
+
(, uint64 requiredRole, ) = _getAdminRestrictions(_msgData());
|
547
|
+
revert AccessManagerUnauthorizedAccount(caller, requiredRole);
|
548
|
+
}
|
549
|
+
// else {
|
550
|
+
// _consumeScheduledOp(hashOperation(caller, address(this), _msgData()));
|
551
|
+
// }
|
552
|
+
}
|
553
|
+
}
|
554
|
+
|
555
|
+
/**
|
556
|
+
* @dev Get the admin restrictions of a given function call based on the function and arguments involved.
|
557
|
+
*
|
558
|
+
* Returns:
|
559
|
+
* - bool restricted: does this data match a restricted operation
|
560
|
+
* - uint64: which role is this operation restricted to
|
561
|
+
* - uint32: minimum delay to enforce for that operation (max between operation's delay and admin's execution delay)
|
562
|
+
*/
|
563
|
+
function _getAdminRestrictions(
|
564
|
+
bytes calldata data
|
565
|
+
) private view returns (bool restricted, uint64 roleAdminId, uint32 executionDelay) {
|
566
|
+
if (data.length < 4) {
|
567
|
+
return (false, 0, 0);
|
568
|
+
}
|
569
|
+
|
570
|
+
bytes4 selector = _checkSelector(data);
|
571
|
+
|
572
|
+
// Restricted to ADMIN with no delay beside any execution delay the caller may have
|
573
|
+
if (
|
574
|
+
selector == this.labelRole.selector ||
|
575
|
+
selector == this.setRoleAdmin.selector ||
|
576
|
+
selector == this.setRoleGuardian.selector ||
|
577
|
+
selector == this.setGrantDelay.selector ||
|
578
|
+
selector == this.setTargetAdminDelay.selector
|
579
|
+
) {
|
580
|
+
return (true, ADMIN_ROLE, 0);
|
581
|
+
}
|
582
|
+
|
583
|
+
// Restricted to ADMIN with the admin delay corresponding to the target
|
584
|
+
if (
|
585
|
+
selector == this.updateAuthority.selector ||
|
586
|
+
selector == this.setTargetClosed.selector ||
|
587
|
+
selector == this.setTargetFunctionRole.selector
|
588
|
+
) {
|
589
|
+
// First argument is a target.
|
590
|
+
address target = abi.decode(data[0x04:0x24], (address));
|
591
|
+
uint32 delay = getTargetAdminDelay(target);
|
592
|
+
return (true, ADMIN_ROLE, delay);
|
593
|
+
}
|
594
|
+
|
595
|
+
// Restricted to that role's admin with no delay beside any execution delay the caller may have.
|
596
|
+
if (selector == this.grantRole.selector || selector == this.revokeRole.selector) {
|
597
|
+
// First argument is a roleId.
|
598
|
+
uint64 roleId = abi.decode(data[0x04:0x24], (uint64));
|
599
|
+
return (true, getRoleAdmin(roleId), 0);
|
600
|
+
}
|
601
|
+
|
602
|
+
return (false, 0, 0);
|
603
|
+
}
|
604
|
+
|
605
|
+
// =================================================== HELPERS ====================================================
|
606
|
+
/**
|
607
|
+
* @dev An extended version of {canCall} for internal usage that checks {_canCallSelf}
|
608
|
+
* when the target is this contract.
|
609
|
+
*
|
610
|
+
* Returns:
|
611
|
+
* - bool immediate: whether the operation can be executed immediately (with no delay)
|
612
|
+
* - uint32 delay: the execution delay
|
613
|
+
*/
|
614
|
+
function _canCallExtended(
|
615
|
+
address caller,
|
616
|
+
address target,
|
617
|
+
bytes calldata data
|
618
|
+
) private view returns (bool immediate, uint32 delay) {
|
619
|
+
if (target == address(this)) {
|
620
|
+
return _canCallSelf(caller, data);
|
621
|
+
} else {
|
622
|
+
return data.length < 4 ? (false, 0) : canCall(caller, target, _checkSelector(data));
|
623
|
+
}
|
624
|
+
}
|
625
|
+
|
626
|
+
/**
|
627
|
+
* @dev A version of {canCall} that checks for admin restrictions in this contract.
|
628
|
+
*/
|
629
|
+
function _canCallSelf(address caller, bytes calldata data) private view returns (bool immediate, uint32 delay) {
|
630
|
+
if (data.length < 4) {
|
631
|
+
return (false, 0);
|
632
|
+
}
|
633
|
+
|
634
|
+
// if (caller == address(this)) {
|
635
|
+
// // Caller is AccessManager, this means the call was sent through {execute} and it already checked
|
636
|
+
// // permissions. We verify that the call "identifier", which is set during {execute}, is correct.
|
637
|
+
// return (_isExecuting(address(this), _checkSelector(data)), 0);
|
638
|
+
// }
|
639
|
+
|
640
|
+
(bool enabled, uint64 roleId, uint32 operationDelay) = _getAdminRestrictions(data);
|
641
|
+
if (!enabled) {
|
642
|
+
return (false, 0);
|
643
|
+
}
|
644
|
+
|
645
|
+
(bool inRole, uint32 executionDelay) = hasRole(roleId, caller);
|
646
|
+
if (!inRole) {
|
647
|
+
return (false, 0);
|
648
|
+
}
|
649
|
+
|
650
|
+
// downcast is safe because both options are uint32
|
651
|
+
delay = 0; // uint32(Math.max(operationDelay, executionDelay));
|
652
|
+
return (delay == 0, delay);
|
653
|
+
}
|
654
|
+
|
655
|
+
// /**
|
656
|
+
// * @dev Returns true if a call with `target` and `selector` is being executed via {executed}.
|
657
|
+
// */
|
658
|
+
// function _isExecuting(address target, bytes4 selector) private view returns (bool) {
|
659
|
+
// return _executionId == _hashExecutionId(target, selector);
|
660
|
+
// }
|
661
|
+
|
662
|
+
// /**
|
663
|
+
// * @dev Returns true if a schedule timepoint is past its expiration deadline.
|
664
|
+
// */
|
665
|
+
// function _isExpired(uint48 timepoint) private view returns (bool) {
|
666
|
+
// return timepoint + expiration() <= Time.timestamp();
|
667
|
+
// }
|
668
|
+
|
669
|
+
/**
|
670
|
+
* @dev Extracts the selector from calldata. Panics if data is not at least 4 bytes
|
671
|
+
*/
|
672
|
+
function _checkSelector(bytes calldata data) private pure returns (bytes4) {
|
673
|
+
return bytes4(data[0:4]);
|
674
|
+
}
|
675
|
+
|
676
|
+
/**
|
677
|
+
* @dev Hashing function for execute protection
|
678
|
+
*/
|
679
|
+
// function _hashExecutionId(address target, bytes4 selector) private pure returns (bytes32) {
|
680
|
+
// return keccak256(abi.encode(target, selector));
|
681
|
+
// }
|
682
|
+
}
|