@etherisc/gif-next 0.0.2-e37834a-021 → 0.0.2-e3f4f82-063
Sign up to get free protection for your applications and to get access to all the features.
- package/README.md +108 -1
- package/artifacts/contracts/components/BaseComponent.sol/BaseComponent.dbg.json +1 -1
- package/artifacts/contracts/components/BaseComponent.sol/BaseComponent.json +116 -2
- package/artifacts/contracts/components/Distribution.sol/Distribution.dbg.json +1 -1
- package/artifacts/contracts/components/Distribution.sol/Distribution.json +204 -31
- package/artifacts/contracts/components/IBaseComponent.sol/IBaseComponent.dbg.json +1 -1
- package/artifacts/contracts/components/IBaseComponent.sol/IBaseComponent.json +106 -3
- package/artifacts/contracts/components/IDistributionComponent.sol/IDistributionComponent.dbg.json +1 -1
- package/artifacts/contracts/components/IDistributionComponent.sol/IDistributionComponent.json +0 -25
- package/artifacts/contracts/components/IPoolComponent.sol/IPoolComponent.dbg.json +1 -1
- package/artifacts/contracts/components/IPoolComponent.sol/IPoolComponent.json +2 -61
- package/artifacts/contracts/components/IProductComponent.sol/IProductComponent.dbg.json +1 -1
- package/artifacts/contracts/components/IProductComponent.sol/IProductComponent.json +0 -50
- package/artifacts/contracts/components/Pool.sol/Pool.dbg.json +1 -1
- package/artifacts/contracts/components/Pool.sol/Pool.json +253 -68
- package/artifacts/contracts/components/Product.sol/Product.dbg.json +1 -1
- package/artifacts/contracts/components/Product.sol/Product.json +272 -45
- package/artifacts/contracts/experiment/cloning/Cloner.sol/Cloner.dbg.json +4 -0
- package/artifacts/contracts/experiment/cloning/Cloner.sol/Cloner.json +66 -0
- package/artifacts/contracts/experiment/cloning/Cloner.sol/Mock1.dbg.json +4 -0
- package/artifacts/contracts/experiment/cloning/Cloner.sol/Mock1.json +24 -0
- package/artifacts/contracts/experiment/cloning/Cloner.sol/Mock2.dbg.json +4 -0
- package/artifacts/contracts/experiment/cloning/Cloner.sol/Mock2.json +42 -0
- package/artifacts/contracts/experiment/errors/Require.sol/Require.dbg.json +1 -1
- package/artifacts/contracts/experiment/errors/Revert.sol/Revert.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/A.sol/A.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/A.sol/AShared.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/B.sol/B.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/C.sol/C.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/IA.sol/IA.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/IA.sol/ISharedA.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/IB.sol/IB.dbg.json +1 -1
- package/artifacts/contracts/experiment/inheritance/IC.sol/IC.dbg.json +1 -1
- package/artifacts/contracts/experiment/statemachine/Dummy.sol/LifeCycleModule.dbg.json +1 -1
- package/artifacts/contracts/experiment/statemachine/Dummy.sol/LifeCycleModule.json +2 -2
- package/artifacts/contracts/experiment/statemachine/ISM.sol/ISM.dbg.json +1 -1
- package/artifacts/contracts/experiment/statemachine/ISM.sol/ISMEE.dbg.json +1 -1
- package/artifacts/contracts/experiment/statemachine/SM.sol/SM.dbg.json +1 -1
- package/artifacts/contracts/experiment/statemachine/SM.sol/SM.json +2 -2
- package/artifacts/contracts/experiment/statemachine/SimpleStateMachine.sol/SimpleStateMachine.dbg.json +1 -1
- package/artifacts/contracts/experiment/statemachine/SimpleStateMachine.sol/SimpleStateMachine.json +2 -2
- package/artifacts/contracts/experiment/types/TypeA.sol/TypeALib.dbg.json +1 -1
- package/artifacts/contracts/experiment/types/TypeB.sol/TypeBLib.dbg.json +1 -1
- package/artifacts/contracts/instance/AccessManagedSimple.sol/AccessManagedSimple.dbg.json +4 -0
- package/artifacts/contracts/instance/AccessManagedSimple.sol/AccessManagedSimple.json +101 -0
- package/artifacts/contracts/instance/AccessManagerSimple.sol/AccessManagerSimple.dbg.json +4 -0
- package/artifacts/contracts/instance/AccessManagerSimple.sol/AccessManagerSimple.json +1132 -0
- package/artifacts/contracts/instance/IAccessManagerSimple.sol/IAccessManagerSimple.dbg.json +4 -0
- package/artifacts/contracts/instance/IAccessManagerSimple.sol/IAccessManagerSimple.json +1082 -0
- package/artifacts/contracts/instance/IInstance.sol/IInstance.dbg.json +1 -1
- package/artifacts/contracts/instance/IInstance.sol/IInstance.json +732 -1219
- package/artifacts/contracts/instance/IInstanceService.sol/IInstanceService.dbg.json +4 -0
- package/artifacts/contracts/instance/IInstanceService.sol/IInstanceService.json +480 -0
- package/artifacts/contracts/instance/Instance.sol/Instance.dbg.json +1 -1
- package/artifacts/contracts/instance/Instance.sol/Instance.json +2327 -1324
- package/artifacts/contracts/instance/InstanceAccessManager.sol/InstanceAccessManager.dbg.json +4 -0
- package/artifacts/contracts/instance/InstanceAccessManager.sol/InstanceAccessManager.json +917 -0
- package/artifacts/contracts/instance/InstanceReader.sol/InstanceReader.dbg.json +4 -0
- package/artifacts/contracts/instance/InstanceReader.sol/InstanceReader.json +1422 -0
- package/artifacts/contracts/instance/InstanceService.sol/InstanceService.dbg.json +4 -0
- package/artifacts/contracts/instance/InstanceService.sol/InstanceService.json +931 -0
- package/artifacts/contracts/instance/InstanceServiceManager.sol/InstanceServiceManager.dbg.json +4 -0
- package/artifacts/contracts/instance/InstanceServiceManager.sol/InstanceServiceManager.json +508 -0
- package/artifacts/contracts/instance/base/ComponentServiceBase.sol/ComponentServiceBase.dbg.json +1 -1
- package/artifacts/contracts/instance/base/ComponentServiceBase.sol/ComponentServiceBase.json +149 -2
- package/artifacts/contracts/instance/base/IInstanceBase.sol/IInstanceBase.dbg.json +1 -1
- package/artifacts/contracts/instance/base/IKeyValueStore.sol/IKeyValueStore.dbg.json +1 -1
- package/artifacts/contracts/instance/base/IKeyValueStore.sol/IKeyValueStore.json +27 -158
- package/artifacts/contracts/instance/base/ILifecycle.sol/ILifecycle.dbg.json +1 -1
- package/artifacts/contracts/instance/base/KeyValueStore.sol/KeyValueStore.dbg.json +1 -1
- package/artifacts/contracts/instance/base/KeyValueStore.sol/KeyValueStore.json +37 -245
- package/artifacts/contracts/instance/base/Lifecycle.sol/Lifecycle.dbg.json +1 -1
- package/artifacts/contracts/instance/base/Lifecycle.sol/Lifecycle.json +2 -2
- package/artifacts/contracts/instance/module/IAccess.sol/IAccess.dbg.json +4 -0
- package/artifacts/contracts/instance/module/IAccess.sol/IAccess.json +211 -0
- package/artifacts/contracts/instance/module/IBundle.sol/IBundle.dbg.json +4 -0
- package/artifacts/contracts/instance/module/{bundle/IBundle.sol → IBundle.sol}/IBundle.json +1 -1
- package/artifacts/contracts/instance/module/IDistribution.sol/IDistribution.dbg.json +4 -0
- package/artifacts/contracts/instance/module/{distribution/IDistribution.sol → IDistribution.sol}/IDistribution.json +1 -1
- package/artifacts/contracts/instance/module/IPolicy.sol/IPolicy.dbg.json +4 -0
- package/artifacts/contracts/instance/module/{policy/IPolicy.sol → IPolicy.sol}/IPolicy.json +1 -1
- package/artifacts/contracts/instance/module/IRisk.sol/IRisk.dbg.json +4 -0
- package/artifacts/contracts/instance/module/{risk/IRisk.sol → IRisk.sol}/IRisk.json +1 -1
- package/artifacts/contracts/instance/module/ISetup.sol/ISetup.dbg.json +4 -0
- package/artifacts/contracts/instance/{base/ModuleBase.sol/ModuleBase.json → module/ISetup.sol/ISetup.json} +2 -2
- package/artifacts/contracts/instance/module/ITreasury.sol/ITreasury.dbg.json +4 -0
- package/artifacts/contracts/instance/module/{treasury/ITreasury.sol → ITreasury.sol}/ITreasury.json +1 -1
- package/artifacts/contracts/instance/service/ComponentOwnerService.sol/ComponentOwnerService.dbg.json +1 -1
- package/artifacts/contracts/instance/service/ComponentOwnerService.sol/ComponentOwnerService.json +178 -41
- package/artifacts/contracts/instance/service/DistributionService.sol/DistributionService.dbg.json +1 -1
- package/artifacts/contracts/instance/service/DistributionService.sol/DistributionService.json +212 -22
- package/artifacts/contracts/instance/service/DistributionServiceManager.sol/DistributionServiceManager.dbg.json +4 -0
- package/artifacts/contracts/instance/service/DistributionServiceManager.sol/DistributionServiceManager.json +444 -0
- package/artifacts/contracts/instance/service/IComponentOwnerService.sol/IComponentOwnerService.dbg.json +1 -1
- package/artifacts/contracts/instance/service/IComponentOwnerService.sol/IComponentOwnerService.json +81 -4
- package/artifacts/contracts/instance/service/IDistributionService.sol/IDistributionService.dbg.json +1 -1
- package/artifacts/contracts/instance/service/IDistributionService.sol/IDistributionService.json +80 -3
- package/artifacts/contracts/instance/service/IPoolService.sol/IPoolService.dbg.json +1 -1
- package/artifacts/contracts/instance/service/IPoolService.sol/IPoolService.json +188 -3
- package/artifacts/contracts/instance/service/IProductService.sol/IProductService.dbg.json +1 -1
- package/artifacts/contracts/instance/service/IProductService.sol/IProductService.json +120 -34
- package/artifacts/contracts/instance/service/PoolService.sol/PoolService.dbg.json +1 -1
- package/artifacts/contracts/instance/service/PoolService.sol/PoolService.json +346 -24
- package/artifacts/contracts/instance/service/PoolServiceManager.sol/PoolServiceManager.dbg.json +4 -0
- package/artifacts/contracts/instance/service/PoolServiceManager.sol/PoolServiceManager.json +460 -0
- package/artifacts/contracts/instance/service/ProductService.sol/ProductService.dbg.json +1 -1
- package/artifacts/contracts/instance/service/ProductService.sol/ProductService.json +269 -86
- package/artifacts/contracts/instance/service/ProductServiceManager.sol/ProductServiceManager.dbg.json +4 -0
- package/artifacts/contracts/instance/service/ProductServiceManager.sol/ProductServiceManager.json +488 -0
- package/artifacts/contracts/registry/ChainNft.sol/ChainNft.dbg.json +1 -1
- package/artifacts/contracts/registry/ChainNft.sol/ChainNft.json +47 -2
- package/artifacts/contracts/registry/IRegistry.sol/IRegistry.dbg.json +1 -1
- package/artifacts/contracts/registry/IRegistry.sol/IRegistry.json +199 -112
- package/artifacts/contracts/registry/IRegistryService.sol/IRegistryService.dbg.json +1 -1
- package/artifacts/contracts/registry/IRegistryService.sol/IRegistryService.json +297 -18
- package/artifacts/contracts/registry/ITransferInterceptor.sol/ITransferInterceptor.dbg.json +1 -1
- package/artifacts/contracts/registry/Registry.sol/Registry.dbg.json +1 -1
- package/artifacts/contracts/registry/Registry.sol/Registry.json +167 -166
- package/artifacts/contracts/registry/RegistryService.sol/RegistryService.dbg.json +1 -1
- package/artifacts/contracts/registry/RegistryService.sol/RegistryService.json +447 -39
- package/artifacts/contracts/registry/RegistryServiceManager.sol/RegistryServiceManager.dbg.json +1 -1
- package/artifacts/contracts/registry/RegistryServiceManager.sol/RegistryServiceManager.json +105 -48
- package/artifacts/contracts/registry/TokenRegistry.sol/TokenRegistry.dbg.json +4 -0
- package/artifacts/contracts/registry/TokenRegistry.sol/TokenRegistry.json +410 -0
- package/artifacts/contracts/shared/ContractDeployerLib.sol/ContractDeployerLib.dbg.json +1 -1
- package/artifacts/contracts/shared/ERC165.sol/ERC165.dbg.json +1 -1
- package/artifacts/contracts/shared/ERC165.sol/ERC165.json +2 -2
- package/artifacts/contracts/shared/INftOwnable.sol/INftOwnable.dbg.json +4 -0
- package/artifacts/contracts/{instance/module/component/ComponentModule.sol/ComponentModule.json → shared/INftOwnable.sol/INftOwnable.json} +67 -57
- package/artifacts/contracts/shared/IRegisterable.sol/IRegisterable.dbg.json +1 -1
- package/artifacts/contracts/shared/IRegisterable.sol/IRegisterable.json +80 -3
- package/artifacts/contracts/shared/IService.sol/IService.dbg.json +4 -0
- package/artifacts/contracts/{instance/base/ServiceBase.sol/ServiceBase.json → shared/IService.sol/IService.json} +76 -35
- package/artifacts/contracts/shared/IVersionable.sol/IVersionable.dbg.json +1 -1
- package/artifacts/contracts/shared/NftOwnable.sol/NftOwnable.dbg.json +1 -1
- package/artifacts/contracts/shared/NftOwnable.sol/NftOwnable.json +32 -6
- package/artifacts/contracts/shared/ProxyManager.sol/ProxyManager.dbg.json +1 -1
- package/artifacts/contracts/shared/ProxyManager.sol/ProxyManager.json +21 -16
- package/artifacts/contracts/shared/Registerable.sol/Registerable.dbg.json +1 -1
- package/artifacts/contracts/shared/Registerable.sol/Registerable.json +120 -6
- package/artifacts/contracts/shared/RegisterableUpgradable.sol/RegisterableUpgradable.dbg.json +4 -0
- package/artifacts/contracts/{instance/base/IService.sol/IService.json → shared/RegisterableUpgradable.sol/RegisterableUpgradable.json} +137 -39
- package/artifacts/contracts/shared/Service.sol/Service.dbg.json +4 -0
- package/artifacts/contracts/{instance/base/InstanceBase.sol/InstanceBase.json → shared/Service.sol/Service.json} +106 -94
- package/artifacts/contracts/shared/TokenHandler.sol/TokenHandler.dbg.json +4 -0
- package/artifacts/contracts/shared/TokenHandler.sol/TokenHandler.json +96 -0
- package/artifacts/contracts/shared/UpgradableProxyWithAdmin.sol/UpgradableProxyWithAdmin.dbg.json +1 -1
- package/artifacts/contracts/shared/UpgradableProxyWithAdmin.sol/UpgradableProxyWithAdmin.json +2 -2
- package/artifacts/contracts/shared/Versionable.sol/Versionable.dbg.json +1 -1
- package/artifacts/contracts/test/TestFee.sol/TestFee.dbg.json +1 -1
- package/artifacts/contracts/test/TestFee.sol/TestFee.json +4 -4
- package/artifacts/contracts/test/TestRegisterable.sol/TestRegisterable.dbg.json +1 -1
- package/artifacts/contracts/test/TestRegisterable.sol/TestRegisterable.json +120 -6
- package/artifacts/contracts/test/TestRoleId.sol/TestRoleId.dbg.json +1 -1
- package/artifacts/contracts/test/TestRoleId.sol/TestRoleId.json +14 -14
- package/artifacts/contracts/test/TestService.sol/TestService.dbg.json +1 -1
- package/artifacts/contracts/test/TestService.sol/TestService.json +142 -14
- package/artifacts/contracts/test/TestToken.sol/TestUsdc.dbg.json +1 -1
- package/artifacts/contracts/test/TestToken.sol/TestUsdc.json +91 -53
- package/artifacts/contracts/test/TestVersion.sol/TestVersion.dbg.json +1 -1
- package/artifacts/contracts/test/TestVersion.sol/TestVersion.json +2 -2
- package/artifacts/contracts/test/TestVersionable.sol/TestVersionable.dbg.json +1 -1
- package/artifacts/contracts/test/TestVersionable.sol/TestVersionable.json +18 -2
- package/artifacts/contracts/test/Usdc.sol/USDC.dbg.json +1 -1
- package/artifacts/contracts/test/Usdc.sol/USDC.json +91 -53
- package/artifacts/contracts/types/AddressSet.sol/LibAddressSet.dbg.json +1 -1
- package/artifacts/contracts/types/Blocknumber.sol/BlocknumberLib.dbg.json +1 -1
- package/artifacts/contracts/types/ChainId.sol/ChainIdLib.dbg.json +1 -1
- package/artifacts/contracts/types/DistributorType.sol/DistributorTypeLib.dbg.json +4 -0
- package/artifacts/contracts/types/DistributorType.sol/DistributorTypeLib.json +104 -0
- package/artifacts/contracts/types/Fee.sol/FeeLib.dbg.json +1 -1
- package/artifacts/contracts/types/Fee.sol/FeeLib.json +4 -4
- package/artifacts/contracts/types/Key32.sol/Key32Lib.dbg.json +1 -1
- package/artifacts/contracts/types/Key32.sol/Key32Lib.json +31 -17
- package/artifacts/contracts/types/NftId.sol/NftIdLib.dbg.json +1 -1
- package/artifacts/contracts/types/NftId.sol/NftIdLib.json +2 -2
- package/artifacts/contracts/types/NftIdSet.sol/LibNftIdSet.dbg.json +1 -1
- package/artifacts/contracts/types/NftIdSet.sol/LibNftIdSet.json +2 -2
- package/artifacts/contracts/types/NumberId.sol/NumberIdLib.dbg.json +4 -0
- package/artifacts/contracts/types/NumberId.sol/NumberIdLib.json +100 -0
- package/artifacts/contracts/types/ObjectType.sol/ObjectTypeLib.dbg.json +1 -1
- package/artifacts/contracts/types/ObjectType.sol/ObjectTypeLib.json +2 -2
- package/artifacts/contracts/types/Referral.sol/ReferralLib.dbg.json +4 -0
- package/artifacts/contracts/types/Referral.sol/ReferralLib.json +123 -0
- package/artifacts/contracts/types/RiskId.sol/RiskIdLib.dbg.json +1 -1
- package/artifacts/contracts/types/RiskId.sol/RiskIdLib.json +2 -2
- package/artifacts/contracts/types/RoleId.sol/RoleIdLib.dbg.json +1 -1
- package/artifacts/contracts/types/RoleId.sol/RoleIdLib.json +134 -8
- package/artifacts/contracts/types/StateId.sol/StateIdLib.dbg.json +1 -1
- package/artifacts/contracts/types/StateId.sol/StateIdLib.json +2 -2
- package/artifacts/contracts/types/Timestamp.sol/TimestampLib.dbg.json +1 -1
- package/artifacts/contracts/types/Timestamp.sol/TimestampLib.json +15 -2
- package/artifacts/contracts/types/UFixed.sol/MathLib.dbg.json +4 -0
- package/artifacts/contracts/types/UFixed.sol/MathLib.json +10 -0
- package/artifacts/contracts/types/UFixed.sol/UFixedLib.dbg.json +4 -0
- package/artifacts/contracts/types/UFixed.sol/{UFixedMathLib.json → UFixedLib.json} +3 -3
- package/artifacts/contracts/types/Version.sol/VersionLib.dbg.json +1 -1
- package/artifacts/contracts/types/Version.sol/VersionLib.json +2 -2
- package/artifacts/contracts/types/Version.sol/VersionPartLib.dbg.json +1 -1
- package/artifacts/contracts/types/Version.sol/VersionPartLib.json +22 -3
- package/contracts/components/BaseComponent.sol +16 -4
- package/contracts/components/Distribution.sol +23 -15
- package/contracts/components/IBaseComponent.sol +9 -3
- package/contracts/components/IDistributionComponent.sol +2 -4
- package/contracts/components/IPoolComponent.sol +1 -3
- package/contracts/components/IProductComponent.sol +2 -4
- package/contracts/components/Pool.sol +33 -32
- package/contracts/components/Product.sol +52 -62
- package/contracts/experiment/cloning/Cloner.sol +47 -0
- package/contracts/instance/AccessManagedSimple.sol +115 -0
- package/contracts/instance/AccessManagerSimple.sol +692 -0
- package/contracts/instance/IAccessManagerSimple.sol +391 -0
- package/contracts/instance/IInstance.sol +47 -47
- package/contracts/instance/IInstanceService.sol +30 -0
- package/contracts/instance/Instance.sol +423 -65
- package/contracts/instance/InstanceAccessManager.sol +288 -0
- package/contracts/instance/InstanceReader.sol +315 -0
- package/contracts/instance/InstanceService.sol +198 -0
- package/contracts/instance/InstanceServiceManager.sol +57 -0
- package/contracts/instance/base/ComponentServiceBase.sol +93 -8
- package/contracts/instance/base/IKeyValueStore.sol +13 -14
- package/contracts/instance/base/ILifecycle.sol +3 -3
- package/contracts/instance/base/KeyValueStore.sol +49 -38
- package/contracts/instance/base/Lifecycle.sol +1 -1
- package/contracts/instance/module/IAccess.sol +38 -0
- package/contracts/instance/module/IBundle.sol +20 -0
- package/contracts/instance/module/IDistribution.sol +39 -0
- package/contracts/instance/module/IPolicy.sol +45 -0
- package/contracts/instance/module/IRisk.sol +11 -0
- package/contracts/instance/module/ISetup.sol +47 -0
- package/contracts/instance/module/ITreasury.sol +23 -0
- package/contracts/instance/service/ComponentOwnerService.sol +145 -100
- package/contracts/instance/service/DistributionService.sol +49 -15
- package/contracts/instance/service/DistributionServiceManager.sol +54 -0
- package/contracts/instance/service/IComponentOwnerService.sol +1 -1
- package/contracts/instance/service/IDistributionService.sol +1 -1
- package/contracts/instance/service/IPoolService.sol +7 -1
- package/contracts/instance/service/IProductService.sol +9 -6
- package/contracts/instance/service/PoolService.sol +101 -46
- package/contracts/instance/service/PoolServiceManager.sol +54 -0
- package/contracts/instance/service/ProductService.sol +170 -118
- package/contracts/instance/service/ProductServiceManager.sol +54 -0
- package/contracts/registry/ChainNft.sol +40 -25
- package/contracts/registry/IRegistry.sol +35 -27
- package/contracts/registry/IRegistryService.sol +36 -15
- package/contracts/registry/Registry.sol +137 -179
- package/contracts/registry/RegistryService.sol +149 -166
- package/contracts/registry/RegistryServiceManager.sol +38 -10
- package/contracts/registry/TokenRegistry.sol +111 -0
- package/contracts/shared/ERC165.sol +7 -3
- package/contracts/shared/INftOwnable.sol +22 -0
- package/contracts/shared/IRegisterable.sol +3 -8
- package/contracts/{instance/base → shared}/IService.sol +3 -3
- package/contracts/shared/NftOwnable.sol +85 -38
- package/contracts/shared/ProxyManager.sol +3 -12
- package/contracts/shared/Registerable.sol +15 -42
- package/contracts/shared/RegisterableUpgradable.sol +16 -0
- package/contracts/shared/Service.sol +55 -0
- package/contracts/shared/TokenHandler.sol +27 -0
- package/contracts/shared/UpgradableProxyWithAdmin.sol +2 -2
- package/contracts/shared/Versionable.sol +3 -3
- package/contracts/test/TestFee.sol +2 -2
- package/contracts/test/TestRoleId.sol +1 -1
- package/contracts/test/TestService.sol +3 -5
- package/contracts/types/DistributorType.sol +55 -0
- package/contracts/types/Fee.sol +3 -3
- package/contracts/types/Key32.sol +8 -3
- package/contracts/types/NumberId.sol +52 -0
- package/contracts/types/ObjectType.sol +35 -14
- package/contracts/types/Referral.sol +85 -0
- package/contracts/types/RoleId.sol +61 -9
- package/contracts/types/StateId.sol +5 -1
- package/contracts/types/Timestamp.sol +7 -3
- package/contracts/types/UFixed.sol +128 -12
- package/contracts/types/Version.sol +4 -1
- package/package.json +4 -3
- package/artifacts/contracts/instance/IInstanceLinked.sol/IInstanceLinked.dbg.json +0 -4
- package/artifacts/contracts/instance/IInstanceLinked.sol/IInstanceLinked.json +0 -24
- package/artifacts/contracts/instance/base/IService.sol/IService.dbg.json +0 -4
- package/artifacts/contracts/instance/base/InstanceBase.sol/InstanceBase.dbg.json +0 -4
- package/artifacts/contracts/instance/base/ModuleBase.sol/ModuleBase.dbg.json +0 -4
- package/artifacts/contracts/instance/base/ServiceBase.sol/ServiceBase.dbg.json +0 -4
- package/artifacts/contracts/instance/module/access/Access.sol/AccessModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/access/Access.sol/AccessModule.json +0 -333
- package/artifacts/contracts/instance/module/access/IAccess.sol/IAccess.dbg.json +0 -4
- package/artifacts/contracts/instance/module/access/IAccess.sol/IAccess.json +0 -10
- package/artifacts/contracts/instance/module/access/IAccess.sol/IAccessModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/access/IAccess.sol/IAccessModule.json +0 -333
- package/artifacts/contracts/instance/module/bundle/BundleModule.sol/BundleModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/bundle/BundleModule.sol/BundleModule.json +0 -297
- package/artifacts/contracts/instance/module/bundle/IBundle.sol/IBundle.dbg.json +0 -4
- package/artifacts/contracts/instance/module/bundle/IBundle.sol/IBundleModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/bundle/IBundle.sol/IBundleModule.json +0 -297
- package/artifacts/contracts/instance/module/component/ComponentModule.sol/ComponentModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/component/IComponent.sol/IComponent.dbg.json +0 -4
- package/artifacts/contracts/instance/module/component/IComponent.sol/IComponent.json +0 -10
- package/artifacts/contracts/instance/module/component/IComponent.sol/IComponentModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/component/IComponent.sol/IComponentModule.json +0 -117
- package/artifacts/contracts/instance/module/distribution/DistributionModule.sol/DistributionModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/distribution/DistributionModule.sol/DistributionModule.json +0 -10
- package/artifacts/contracts/instance/module/distribution/IDistribution.sol/IDistribution.dbg.json +0 -4
- package/artifacts/contracts/instance/module/distribution/IDistribution.sol/IDistributionModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/distribution/IDistribution.sol/IDistributionModule.json +0 -10
- package/artifacts/contracts/instance/module/policy/IPolicy.sol/IPolicy.dbg.json +0 -4
- package/artifacts/contracts/instance/module/policy/IPolicy.sol/IPolicyModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/policy/IPolicy.sol/IPolicyModule.json +0 -284
- package/artifacts/contracts/instance/module/policy/PolicyModule.sol/PolicyModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/policy/PolicyModule.sol/PolicyModule.json +0 -284
- package/artifacts/contracts/instance/module/pool/IPoolModule.sol/IPool.dbg.json +0 -4
- package/artifacts/contracts/instance/module/pool/IPoolModule.sol/IPool.json +0 -10
- package/artifacts/contracts/instance/module/pool/IPoolModule.sol/IPoolModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/pool/IPoolModule.sol/IPoolModule.json +0 -164
- package/artifacts/contracts/instance/module/pool/PoolModule.sol/PoolModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/pool/PoolModule.sol/PoolModule.json +0 -164
- package/artifacts/contracts/instance/module/risk/IRisk.sol/IRisk.dbg.json +0 -4
- package/artifacts/contracts/instance/module/risk/IRisk.sol/IRiskModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/risk/IRisk.sol/IRiskModule.json +0 -113
- package/artifacts/contracts/instance/module/risk/RiskModule.sol/RiskModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/risk/RiskModule.sol/RiskModule.json +0 -131
- package/artifacts/contracts/instance/module/treasury/ITreasury.sol/ITreasury.dbg.json +0 -4
- package/artifacts/contracts/instance/module/treasury/ITreasury.sol/ITreasuryModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/treasury/ITreasury.sol/ITreasuryModule.json +0 -638
- package/artifacts/contracts/instance/module/treasury/TokenHandler.sol/TokenHandler.dbg.json +0 -4
- package/artifacts/contracts/instance/module/treasury/TokenHandler.sol/TokenHandler.json +0 -76
- package/artifacts/contracts/instance/module/treasury/TreasuryModule.sol/TreasuryModule.dbg.json +0 -4
- package/artifacts/contracts/instance/module/treasury/TreasuryModule.sol/TreasuryModule.json +0 -638
- package/artifacts/contracts/registry/IChainNft.sol/IChainNft.dbg.json +0 -4
- package/artifacts/contracts/registry/IChainNft.sol/IChainNft.json +0 -457
- package/artifacts/contracts/shared/IOwnable.sol/IOwnable.dbg.json +0 -4
- package/artifacts/contracts/shared/IOwnable.sol/IOwnable.json +0 -24
- package/artifacts/contracts/test/TestDistribution.sol/TestDistribution.dbg.json +0 -4
- package/artifacts/contracts/test/TestDistribution.sol/TestDistribution.json +0 -445
- package/artifacts/contracts/test/TestPool.sol/TestPool.dbg.json +0 -4
- package/artifacts/contracts/test/TestPool.sol/TestPool.json +0 -602
- package/artifacts/contracts/test/TestProduct.sol/TestProduct.dbg.json +0 -4
- package/artifacts/contracts/test/TestProduct.sol/TestProduct.json +0 -632
- package/artifacts/contracts/types/ReferralId.sol/ReferralIdLib.dbg.json +0 -4
- package/artifacts/contracts/types/ReferralId.sol/ReferralIdLib.json +0 -99
- package/artifacts/contracts/types/UFixed.sol/UFixedMathLib.dbg.json +0 -4
- package/contracts/instance/IInstanceLinked.sol +0 -8
- package/contracts/instance/base/InstanceBase.sol +0 -89
- package/contracts/instance/base/ModuleBase.sol +0 -57
- package/contracts/instance/base/ServiceBase.sol +0 -43
- package/contracts/instance/module/access/Access.sol +0 -149
- package/contracts/instance/module/access/IAccess.sol +0 -53
- package/contracts/instance/module/bundle/BundleModule.sol +0 -134
- package/contracts/instance/module/bundle/IBundle.sol +0 -53
- package/contracts/instance/module/component/ComponentModule.sol +0 -71
- package/contracts/instance/module/component/IComponent.sol +0 -28
- package/contracts/instance/module/distribution/DistributionModule.sol +0 -17
- package/contracts/instance/module/distribution/IDistribution.sol +0 -10
- package/contracts/instance/module/policy/IPolicy.sol +0 -63
- package/contracts/instance/module/policy/PolicyModule.sol +0 -91
- package/contracts/instance/module/pool/IPoolModule.sol +0 -41
- package/contracts/instance/module/pool/PoolModule.sol +0 -95
- package/contracts/instance/module/risk/IRisk.sol +0 -26
- package/contracts/instance/module/risk/RiskModule.sol +0 -62
- package/contracts/instance/module/treasury/ITreasury.sol +0 -84
- package/contracts/instance/module/treasury/TokenHandler.sol +0 -48
- package/contracts/instance/module/treasury/TreasuryModule.sol +0 -131
- package/contracts/registry/IChainNft.sol +0 -22
- package/contracts/shared/IOwnable.sol +0 -6
- package/contracts/test/TestDistribution.sol +0 -22
- package/contracts/test/TestPool.sol +0 -27
- package/contracts/test/TestProduct.sol +0 -74
- package/contracts/types/ReferralId.sol +0 -48
@@ -0,0 +1,692 @@
|
|
1
|
+
// SPDX-License-Identifier: Apache-2.0
|
2
|
+
pragma solidity ^0.8.20;
|
3
|
+
|
4
|
+
import {Context} from "@openzeppelin/contracts/utils/Context.sol";
|
5
|
+
import {IAccessManaged} from "@openzeppelin/contracts/access/manager/IAccessManaged.sol";
|
6
|
+
|
7
|
+
import {IAccessManagerSimple} from "./IAccessManagerSimple.sol";
|
8
|
+
|
9
|
+
type Delay is uint112;
|
10
|
+
|
11
|
+
// @dev as oz5 AccessManager but without multicall and without timing logic
|
12
|
+
contract AccessManagerSimple is Context, IAccessManagerSimple {
|
13
|
+
// Structure that stores the details for a target contract.
|
14
|
+
struct TargetConfig {
|
15
|
+
mapping(bytes4 selector => uint64 roleId) allowedRoles;
|
16
|
+
uint112 adminDelay;
|
17
|
+
bool closed;
|
18
|
+
}
|
19
|
+
|
20
|
+
// Structure that stores the details for a role/account pair. This structures fit into a single slot.
|
21
|
+
struct Access {
|
22
|
+
// Timepoint at which the user gets the permission.
|
23
|
+
// If this is either 0 or in the future, then the role permission is not available.
|
24
|
+
uint48 since;
|
25
|
+
// Delay for execution. Only applies to restricted() / execute() calls.
|
26
|
+
Delay delay;
|
27
|
+
}
|
28
|
+
|
29
|
+
// Structure that stores the details of a role.
|
30
|
+
struct Role {
|
31
|
+
// Members of the role.
|
32
|
+
mapping(address user => Access access) members;
|
33
|
+
// Admin who can grant or revoke permissions.
|
34
|
+
uint64 admin;
|
35
|
+
// Guardian who can cancel operations targeting functions that need this role.
|
36
|
+
uint64 guardian;
|
37
|
+
// Delay in which the role takes effect after being granted.
|
38
|
+
Delay grantDelay;
|
39
|
+
}
|
40
|
+
|
41
|
+
// Structure that stores the details for a scheduled operation. This structure fits into a single slot.
|
42
|
+
struct Schedule {
|
43
|
+
// Moment at which the operation can be executed.
|
44
|
+
uint48 timepoint;
|
45
|
+
// Operation nonce to allow third-party contracts to identify the operation.
|
46
|
+
uint32 nonce;
|
47
|
+
}
|
48
|
+
|
49
|
+
bool private _initialized;
|
50
|
+
|
51
|
+
uint64 public constant ADMIN_ROLE = type(uint64).min; // 0
|
52
|
+
uint64 public constant PUBLIC_ROLE = type(uint64).max; // 2**64-1
|
53
|
+
|
54
|
+
mapping(address target => TargetConfig mode) private _targets;
|
55
|
+
mapping(uint64 roleId => Role) private _roles;
|
56
|
+
mapping(bytes32 operationId => Schedule) private _schedules;
|
57
|
+
|
58
|
+
// Used to identify operations that are currently being executed via {execute}.
|
59
|
+
// This should be transient storage when supported by the EVM.
|
60
|
+
bytes32 private _executionId;
|
61
|
+
|
62
|
+
/**
|
63
|
+
* @dev Check that the caller is authorized to perform the operation, following the restrictions encoded in
|
64
|
+
* {_getAdminRestrictions}.
|
65
|
+
*/
|
66
|
+
modifier onlyAuthorized() {
|
67
|
+
_checkAuthorized();
|
68
|
+
_;
|
69
|
+
}
|
70
|
+
|
71
|
+
constructor(address initialAdmin) {
|
72
|
+
initialize(initialAdmin);
|
73
|
+
}
|
74
|
+
|
75
|
+
function initialize(address initialAdmin) public {
|
76
|
+
require(!_initialized, "AccessManager: already initialized");
|
77
|
+
|
78
|
+
if (initialAdmin == address(0)) {
|
79
|
+
revert AccessManagerInvalidInitialAdmin(address(0));
|
80
|
+
}
|
81
|
+
|
82
|
+
// admin is active immediately and without any execution delay.
|
83
|
+
_grantRole(ADMIN_ROLE, initialAdmin, 0, 0);
|
84
|
+
_initialized = true;
|
85
|
+
}
|
86
|
+
|
87
|
+
|
88
|
+
// =================================================== GETTERS ====================================================
|
89
|
+
/// @inheritdoc IAccessManagerSimple
|
90
|
+
function canCall(
|
91
|
+
address caller,
|
92
|
+
address target,
|
93
|
+
bytes4 selector
|
94
|
+
) public view virtual returns (bool immediate, uint32 delay) {
|
95
|
+
if (isTargetClosed(target)) {
|
96
|
+
return (false, 0);
|
97
|
+
// } else if (caller == address(this)) {
|
98
|
+
// // Caller is AccessManager, this means the call was sent through {execute} and it already checked
|
99
|
+
// // permissions. We verify that the call "identifier", which is set during {execute}, is correct.
|
100
|
+
// return (_isExecuting(target, selector), 0);
|
101
|
+
} else {
|
102
|
+
uint64 roleId = getTargetFunctionRole(target, selector);
|
103
|
+
(bool isMember, uint32 currentDelay) = hasRole(roleId, caller);
|
104
|
+
return isMember ? (currentDelay == 0, currentDelay) : (false, 0);
|
105
|
+
}
|
106
|
+
}
|
107
|
+
|
108
|
+
/// @inheritdoc IAccessManagerSimple
|
109
|
+
function expiration() public view virtual returns (uint32) {
|
110
|
+
return 1 weeks;
|
111
|
+
}
|
112
|
+
|
113
|
+
/// @inheritdoc IAccessManagerSimple
|
114
|
+
function minSetback() public view virtual returns (uint32) {
|
115
|
+
return 5 days;
|
116
|
+
}
|
117
|
+
|
118
|
+
/// @inheritdoc IAccessManagerSimple
|
119
|
+
function isTargetClosed(address target) public view virtual returns (bool) {
|
120
|
+
return _targets[target].closed;
|
121
|
+
}
|
122
|
+
|
123
|
+
/// @inheritdoc IAccessManagerSimple
|
124
|
+
function getTargetFunctionRole(address target, bytes4 selector) public view virtual returns (uint64) {
|
125
|
+
return _targets[target].allowedRoles[selector];
|
126
|
+
}
|
127
|
+
|
128
|
+
/// @inheritdoc IAccessManagerSimple
|
129
|
+
function getTargetAdminDelay(address target) public view virtual returns (uint32) {
|
130
|
+
// return _targets[target].adminDelay.get();
|
131
|
+
}
|
132
|
+
|
133
|
+
/// @inheritdoc IAccessManagerSimple
|
134
|
+
function getRoleAdmin(uint64 roleId) public view virtual returns (uint64) {
|
135
|
+
return _roles[roleId].admin;
|
136
|
+
}
|
137
|
+
|
138
|
+
/// @inheritdoc IAccessManagerSimple
|
139
|
+
function getRoleGuardian(uint64 roleId) public view virtual returns (uint64) {
|
140
|
+
return _roles[roleId].guardian;
|
141
|
+
}
|
142
|
+
|
143
|
+
/// @inheritdoc IAccessManagerSimple
|
144
|
+
function getRoleGrantDelay(uint64 roleId) public view virtual returns (uint32) {
|
145
|
+
// return _roles[roleId].grantDelay.get();
|
146
|
+
}
|
147
|
+
|
148
|
+
/// @inheritdoc IAccessManagerSimple
|
149
|
+
function getAccess(
|
150
|
+
uint64 roleId,
|
151
|
+
address account
|
152
|
+
) public view virtual returns (uint48 since, uint32 currentDelay, uint32 pendingDelay, uint48 effect) {
|
153
|
+
Access storage access = _roles[roleId].members[account];
|
154
|
+
|
155
|
+
since = access.since;
|
156
|
+
// (currentDelay, pendingDelay, effect) = access.delay.getFull();
|
157
|
+
|
158
|
+
return (since, currentDelay, pendingDelay, effect);
|
159
|
+
}
|
160
|
+
|
161
|
+
/// @inheritdoc IAccessManagerSimple
|
162
|
+
function hasRole(
|
163
|
+
uint64 roleId,
|
164
|
+
address account
|
165
|
+
) public view virtual returns (bool isMember, uint32 executionDelay) {
|
166
|
+
if (roleId == PUBLIC_ROLE) {
|
167
|
+
return (true, 0);
|
168
|
+
} else {
|
169
|
+
(uint48 hasRoleSince, uint32 currentDelay, , ) = getAccess(roleId, account);
|
170
|
+
// return (hasRoleSince != 0 && hasRoleSince <= Time.timestamp(), currentDelay);
|
171
|
+
return (hasRoleSince != 0 && hasRoleSince <= uint48(block.timestamp), currentDelay);
|
172
|
+
}
|
173
|
+
}
|
174
|
+
|
175
|
+
// =============================================== ROLE MANAGEMENT ===============================================
|
176
|
+
/// @inheritdoc IAccessManagerSimple
|
177
|
+
function labelRole(uint64 roleId, string calldata label) public virtual onlyAuthorized {
|
178
|
+
if (roleId == ADMIN_ROLE || roleId == PUBLIC_ROLE) {
|
179
|
+
revert AccessManagerLockedRole(roleId);
|
180
|
+
}
|
181
|
+
emit RoleLabel(roleId, label);
|
182
|
+
}
|
183
|
+
|
184
|
+
/// @inheritdoc IAccessManagerSimple
|
185
|
+
function grantRole(uint64 roleId, address account, uint32 executionDelay) public virtual onlyAuthorized {
|
186
|
+
_grantRole(roleId, account, getRoleGrantDelay(roleId), executionDelay);
|
187
|
+
}
|
188
|
+
|
189
|
+
/// @inheritdoc IAccessManagerSimple
|
190
|
+
function revokeRole(uint64 roleId, address account) public virtual onlyAuthorized {
|
191
|
+
_revokeRole(roleId, account);
|
192
|
+
}
|
193
|
+
|
194
|
+
/// @inheritdoc IAccessManagerSimple
|
195
|
+
function renounceRole(uint64 roleId, address callerConfirmation) public virtual {
|
196
|
+
if (callerConfirmation != _msgSender()) {
|
197
|
+
revert AccessManagerBadConfirmation();
|
198
|
+
}
|
199
|
+
_revokeRole(roleId, callerConfirmation);
|
200
|
+
}
|
201
|
+
|
202
|
+
/// @inheritdoc IAccessManagerSimple
|
203
|
+
function setRoleAdmin(uint64 roleId, uint64 admin) public virtual onlyAuthorized {
|
204
|
+
_setRoleAdmin(roleId, admin);
|
205
|
+
}
|
206
|
+
|
207
|
+
/// @inheritdoc IAccessManagerSimple
|
208
|
+
function setRoleGuardian(uint64 roleId, uint64 guardian) public virtual onlyAuthorized {
|
209
|
+
_setRoleGuardian(roleId, guardian);
|
210
|
+
}
|
211
|
+
|
212
|
+
/// @inheritdoc IAccessManagerSimple
|
213
|
+
function setGrantDelay(uint64 roleId, uint32 newDelay) public virtual onlyAuthorized {
|
214
|
+
// _setGrantDelay(roleId, newDelay);
|
215
|
+
}
|
216
|
+
|
217
|
+
/**
|
218
|
+
* @dev Internal version of {grantRole} without access control. Returns true if the role was newly granted.
|
219
|
+
*
|
220
|
+
* Emits a {RoleGranted} event.
|
221
|
+
*/
|
222
|
+
function _grantRole(
|
223
|
+
uint64 roleId,
|
224
|
+
address account,
|
225
|
+
uint32 grantDelay,
|
226
|
+
uint32 executionDelay
|
227
|
+
) internal virtual returns (bool) {
|
228
|
+
if (roleId == PUBLIC_ROLE) {
|
229
|
+
revert AccessManagerLockedRole(roleId);
|
230
|
+
}
|
231
|
+
|
232
|
+
bool newMember = _roles[roleId].members[account].since == 0;
|
233
|
+
uint48 since;
|
234
|
+
|
235
|
+
if (newMember) {
|
236
|
+
since = uint48(block.timestamp); // Time.timestamp() + grantDelay;
|
237
|
+
_roles[roleId].members[account] = Access({since: since, delay: Delay.wrap(0)});
|
238
|
+
}
|
239
|
+
// else {
|
240
|
+
// // No setback here. Value can be reset by doing revoke + grant, effectively allowing the admin to perform
|
241
|
+
// // any change to the execution delay within the duration of the role admin delay.
|
242
|
+
// (_roles[roleId].members[account].delay, since) = _roles[roleId].members[account].delay.withUpdate(
|
243
|
+
// executionDelay,
|
244
|
+
// 0
|
245
|
+
// );
|
246
|
+
// }
|
247
|
+
|
248
|
+
emit RoleGranted(roleId, account, executionDelay, since, newMember);
|
249
|
+
return newMember;
|
250
|
+
}
|
251
|
+
|
252
|
+
/**
|
253
|
+
* @dev Internal version of {revokeRole} without access control. This logic is also used by {renounceRole}.
|
254
|
+
* Returns true if the role was previously granted.
|
255
|
+
*
|
256
|
+
* Emits a {RoleRevoked} event if the account had the role.
|
257
|
+
*/
|
258
|
+
function _revokeRole(uint64 roleId, address account) internal virtual returns (bool) {
|
259
|
+
if (roleId == PUBLIC_ROLE) {
|
260
|
+
revert AccessManagerLockedRole(roleId);
|
261
|
+
}
|
262
|
+
|
263
|
+
if (_roles[roleId].members[account].since == 0) {
|
264
|
+
return false;
|
265
|
+
}
|
266
|
+
|
267
|
+
delete _roles[roleId].members[account];
|
268
|
+
|
269
|
+
emit RoleRevoked(roleId, account);
|
270
|
+
return true;
|
271
|
+
}
|
272
|
+
|
273
|
+
/**
|
274
|
+
* @dev Internal version of {setRoleAdmin} without access control.
|
275
|
+
*
|
276
|
+
* Emits a {RoleAdminChanged} event.
|
277
|
+
*
|
278
|
+
* NOTE: Setting the admin role as the `PUBLIC_ROLE` is allowed, but it will effectively allow
|
279
|
+
* anyone to set grant or revoke such role.
|
280
|
+
*/
|
281
|
+
function _setRoleAdmin(uint64 roleId, uint64 admin) internal virtual {
|
282
|
+
if (roleId == ADMIN_ROLE || roleId == PUBLIC_ROLE) {
|
283
|
+
revert AccessManagerLockedRole(roleId);
|
284
|
+
}
|
285
|
+
|
286
|
+
_roles[roleId].admin = admin;
|
287
|
+
|
288
|
+
emit RoleAdminChanged(roleId, admin);
|
289
|
+
}
|
290
|
+
|
291
|
+
/**
|
292
|
+
* @dev Internal version of {setRoleGuardian} without access control.
|
293
|
+
*
|
294
|
+
* Emits a {RoleGuardianChanged} event.
|
295
|
+
*
|
296
|
+
* NOTE: Setting the guardian role as the `PUBLIC_ROLE` is allowed, but it will effectively allow
|
297
|
+
* anyone to cancel any scheduled operation for such role.
|
298
|
+
*/
|
299
|
+
function _setRoleGuardian(uint64 roleId, uint64 guardian) internal virtual {
|
300
|
+
if (roleId == ADMIN_ROLE || roleId == PUBLIC_ROLE) {
|
301
|
+
revert AccessManagerLockedRole(roleId);
|
302
|
+
}
|
303
|
+
|
304
|
+
_roles[roleId].guardian = guardian;
|
305
|
+
|
306
|
+
emit RoleGuardianChanged(roleId, guardian);
|
307
|
+
}
|
308
|
+
|
309
|
+
/**
|
310
|
+
* @dev Internal version of {setGrantDelay} without access control.
|
311
|
+
*
|
312
|
+
* Emits a {RoleGrantDelayChanged} event.
|
313
|
+
*/
|
314
|
+
// function _setGrantDelay(uint64 roleId, uint32 newDelay) internal virtual {
|
315
|
+
// if (roleId == PUBLIC_ROLE) {
|
316
|
+
// revert AccessManagerLockedRole(roleId);
|
317
|
+
// }
|
318
|
+
|
319
|
+
// uint48 effect;
|
320
|
+
// (_roles[roleId].grantDelay, effect) = _roles[roleId].grantDelay.withUpdate(newDelay, minSetback());
|
321
|
+
|
322
|
+
// emit RoleGrantDelayChanged(roleId, newDelay, effect);
|
323
|
+
// }
|
324
|
+
|
325
|
+
// ============================================= FUNCTION MANAGEMENT ==============================================
|
326
|
+
/// @inheritdoc IAccessManagerSimple
|
327
|
+
function setTargetFunctionRole(
|
328
|
+
address target,
|
329
|
+
bytes4[] calldata selectors,
|
330
|
+
uint64 roleId
|
331
|
+
) public virtual onlyAuthorized {
|
332
|
+
for (uint256 i = 0; i < selectors.length; ++i) {
|
333
|
+
_setTargetFunctionRole(target, selectors[i], roleId);
|
334
|
+
}
|
335
|
+
}
|
336
|
+
|
337
|
+
/**
|
338
|
+
* @dev Internal version of {setTargetFunctionRole} without access control.
|
339
|
+
*
|
340
|
+
* Emits a {TargetFunctionRoleUpdated} event.
|
341
|
+
*/
|
342
|
+
function _setTargetFunctionRole(address target, bytes4 selector, uint64 roleId) internal virtual {
|
343
|
+
_targets[target].allowedRoles[selector] = roleId;
|
344
|
+
emit TargetFunctionRoleUpdated(target, selector, roleId);
|
345
|
+
}
|
346
|
+
|
347
|
+
/// @inheritdoc IAccessManagerSimple
|
348
|
+
function setTargetAdminDelay(address target, uint32 newDelay) public virtual onlyAuthorized {
|
349
|
+
// _setTargetAdminDelay(target, newDelay);
|
350
|
+
}
|
351
|
+
|
352
|
+
/**
|
353
|
+
* @dev Internal version of {setTargetAdminDelay} without access control.
|
354
|
+
*
|
355
|
+
* Emits a {TargetAdminDelayUpdated} event.
|
356
|
+
*/
|
357
|
+
// function _setTargetAdminDelay(address target, uint32 newDelay) internal virtual {
|
358
|
+
// uint48 effect;
|
359
|
+
// (_targets[target].adminDelay, effect) = _targets[target].adminDelay.withUpdate(newDelay, minSetback());
|
360
|
+
|
361
|
+
// emit TargetAdminDelayUpdated(target, newDelay, effect);
|
362
|
+
// }
|
363
|
+
|
364
|
+
// =============================================== MODE MANAGEMENT ================================================
|
365
|
+
/// @inheritdoc IAccessManagerSimple
|
366
|
+
function setTargetClosed(address target, bool closed) public virtual onlyAuthorized {
|
367
|
+
_setTargetClosed(target, closed);
|
368
|
+
}
|
369
|
+
|
370
|
+
/**
|
371
|
+
* @dev Set the closed flag for a contract. This is an internal setter with no access restrictions.
|
372
|
+
*
|
373
|
+
* Emits a {TargetClosed} event.
|
374
|
+
*/
|
375
|
+
function _setTargetClosed(address target, bool closed) internal virtual {
|
376
|
+
if (target == address(this)) {
|
377
|
+
revert AccessManagerLockedAccount(target);
|
378
|
+
}
|
379
|
+
_targets[target].closed = closed;
|
380
|
+
emit TargetClosed(target, closed);
|
381
|
+
}
|
382
|
+
|
383
|
+
// ============================================== DELAYED OPERATIONS ==============================================
|
384
|
+
/// @inheritdoc IAccessManagerSimple
|
385
|
+
function getSchedule(bytes32 id) public view virtual returns (uint48) {
|
386
|
+
// uint48 timepoint = _schedules[id].timepoint;
|
387
|
+
// return _isExpired(timepoint) ? 0 : timepoint;
|
388
|
+
}
|
389
|
+
|
390
|
+
/// @inheritdoc IAccessManagerSimple
|
391
|
+
function getNonce(bytes32 id) public view virtual returns (uint32) {
|
392
|
+
// return _schedules[id].nonce;
|
393
|
+
}
|
394
|
+
|
395
|
+
/// @inheritdoc IAccessManagerSimple
|
396
|
+
function schedule(
|
397
|
+
address target,
|
398
|
+
bytes calldata data,
|
399
|
+
uint48 when
|
400
|
+
) public virtual returns (bytes32 operationId, uint32 nonce) {
|
401
|
+
// address caller = _msgSender();
|
402
|
+
|
403
|
+
// // Fetch restrictions that apply to the caller on the targeted function
|
404
|
+
// (, uint32 setback) = _canCallExtended(caller, target, data);
|
405
|
+
|
406
|
+
// uint48 minWhen = Time.timestamp() + setback;
|
407
|
+
|
408
|
+
// // if call with delay is not authorized, or if requested timing is too soon
|
409
|
+
// if (setback == 0 || (when > 0 && when < minWhen)) {
|
410
|
+
// revert AccessManagerUnauthorizedCall(caller, target, _checkSelector(data));
|
411
|
+
// }
|
412
|
+
|
413
|
+
// // Reuse variable due to stack too deep
|
414
|
+
// when = uint48(Math.max(when, minWhen)); // cast is safe: both inputs are uint48
|
415
|
+
|
416
|
+
// // If caller is authorised, schedule operation
|
417
|
+
// operationId = hashOperation(caller, target, data);
|
418
|
+
|
419
|
+
// _checkNotScheduled(operationId);
|
420
|
+
|
421
|
+
// unchecked {
|
422
|
+
// // It's not feasible to overflow the nonce in less than 1000 years
|
423
|
+
// nonce = _schedules[operationId].nonce + 1;
|
424
|
+
// }
|
425
|
+
// _schedules[operationId].timepoint = when;
|
426
|
+
// _schedules[operationId].nonce = nonce;
|
427
|
+
// emit OperationScheduled(operationId, nonce, when, caller, target, data);
|
428
|
+
|
429
|
+
// // Using named return values because otherwise we get stack too deep
|
430
|
+
}
|
431
|
+
|
432
|
+
/**
|
433
|
+
* @dev Reverts if the operation is currently scheduled and has not expired.
|
434
|
+
* (Note: This function was introduced due to stack too deep errors in schedule.)
|
435
|
+
*/
|
436
|
+
// function _checkNotScheduled(bytes32 operationId) private view {
|
437
|
+
// uint48 prevTimepoint = _schedules[operationId].timepoint;
|
438
|
+
// if (prevTimepoint != 0 && !_isExpired(prevTimepoint)) {
|
439
|
+
// revert AccessManagerAlreadyScheduled(operationId);
|
440
|
+
// }
|
441
|
+
// }
|
442
|
+
|
443
|
+
/// @inheritdoc IAccessManagerSimple
|
444
|
+
// Reentrancy is not an issue because permissions are checked on msg.sender. Additionally,
|
445
|
+
// _consumeScheduledOp guarantees a scheduled operation is only executed once.
|
446
|
+
// slither-disable-next-line reentrancy-no-eth
|
447
|
+
function execute(address target, bytes calldata data) public payable virtual returns (uint32) {
|
448
|
+
// address caller = _msgSender();
|
449
|
+
|
450
|
+
// // Fetch restrictions that apply to the caller on the targeted function
|
451
|
+
// (bool immediate, uint32 setback) = _canCallExtended(caller, target, data);
|
452
|
+
|
453
|
+
// // If caller is not authorised, revert
|
454
|
+
// if (!immediate && setback == 0) {
|
455
|
+
// revert AccessManagerUnauthorizedCall(caller, target, _checkSelector(data));
|
456
|
+
// }
|
457
|
+
|
458
|
+
// bytes32 operationId = hashOperation(caller, target, data);
|
459
|
+
// uint32 nonce;
|
460
|
+
|
461
|
+
// // If caller is authorised, check operation was scheduled early enough
|
462
|
+
// // Consume an available schedule even if there is no currently enforced delay
|
463
|
+
// if (setback != 0 || getSchedule(operationId) != 0) {
|
464
|
+
// nonce = _consumeScheduledOp(operationId);
|
465
|
+
// }
|
466
|
+
|
467
|
+
// // Mark the target and selector as authorised
|
468
|
+
// bytes32 executionIdBefore = _executionId;
|
469
|
+
// _executionId = _hashExecutionId(target, _checkSelector(data));
|
470
|
+
|
471
|
+
// // Perform call
|
472
|
+
// Address.functionCallWithValue(target, data, msg.value);
|
473
|
+
|
474
|
+
// // Reset execute identifier
|
475
|
+
// _executionId = executionIdBefore;
|
476
|
+
|
477
|
+
// return nonce;
|
478
|
+
}
|
479
|
+
|
480
|
+
/// @inheritdoc IAccessManagerSimple
|
481
|
+
function cancel(address caller, address target, bytes calldata data) public virtual returns (uint32) {
|
482
|
+
// address msgsender = _msgSender();
|
483
|
+
// bytes4 selector = _checkSelector(data);
|
484
|
+
|
485
|
+
// bytes32 operationId = hashOperation(caller, target, data);
|
486
|
+
// if (_schedules[operationId].timepoint == 0) {
|
487
|
+
// revert AccessManagerNotScheduled(operationId);
|
488
|
+
// } else if (caller != msgsender) {
|
489
|
+
// // calls can only be canceled by the account that scheduled them, a global admin, or by a guardian of the required role.
|
490
|
+
// (bool isAdmin, ) = hasRole(ADMIN_ROLE, msgsender);
|
491
|
+
// (bool isGuardian, ) = hasRole(getRoleGuardian(getTargetFunctionRole(target, selector)), msgsender);
|
492
|
+
// if (!isAdmin && !isGuardian) {
|
493
|
+
// revert AccessManagerUnauthorizedCancel(msgsender, caller, target, selector);
|
494
|
+
// }
|
495
|
+
// }
|
496
|
+
|
497
|
+
// delete _schedules[operationId].timepoint; // reset the timepoint, keep the nonce
|
498
|
+
// uint32 nonce = _schedules[operationId].nonce;
|
499
|
+
// emit OperationCanceled(operationId, nonce);
|
500
|
+
|
501
|
+
// return nonce;
|
502
|
+
}
|
503
|
+
|
504
|
+
/// @inheritdoc IAccessManagerSimple
|
505
|
+
function consumeScheduledOp(address caller, bytes calldata data) public virtual {
|
506
|
+
// address target = _msgSender();
|
507
|
+
// if (IAccessManaged(target).isConsumingScheduledOp() != IAccessManaged.isConsumingScheduledOp.selector) {
|
508
|
+
// revert AccessManagerUnauthorizedConsume(target);
|
509
|
+
// }
|
510
|
+
// _consumeScheduledOp(hashOperation(caller, target, data));
|
511
|
+
}
|
512
|
+
|
513
|
+
// /**
|
514
|
+
// * @dev Internal variant of {consumeScheduledOp} that operates on bytes32 operationId.
|
515
|
+
// *
|
516
|
+
// * Returns the nonce of the scheduled operation that is consumed.
|
517
|
+
// */
|
518
|
+
// function _consumeScheduledOp(bytes32 operationId) internal virtual returns (uint32) {
|
519
|
+
// uint48 timepoint = _schedules[operationId].timepoint;
|
520
|
+
// uint32 nonce = _schedules[operationId].nonce;
|
521
|
+
|
522
|
+
// if (timepoint == 0) {
|
523
|
+
// revert AccessManagerNotScheduled(operationId);
|
524
|
+
// } else if (timepoint > Time.timestamp()) {
|
525
|
+
// revert AccessManagerNotReady(operationId);
|
526
|
+
// } else if (_isExpired(timepoint)) {
|
527
|
+
// revert AccessManagerExpired(operationId);
|
528
|
+
// }
|
529
|
+
|
530
|
+
// delete _schedules[operationId].timepoint; // reset the timepoint, keep the nonce
|
531
|
+
// emit OperationExecuted(operationId, nonce);
|
532
|
+
|
533
|
+
// return nonce;
|
534
|
+
// }
|
535
|
+
|
536
|
+
/// @inheritdoc IAccessManagerSimple
|
537
|
+
function hashOperation(address caller, address target, bytes calldata data) public view virtual returns (bytes32) {
|
538
|
+
return keccak256(abi.encode(caller, target, data));
|
539
|
+
}
|
540
|
+
|
541
|
+
// ==================================================== OTHERS ====================================================
|
542
|
+
/// @inheritdoc IAccessManagerSimple
|
543
|
+
function updateAuthority(address target, address newAuthority) public virtual onlyAuthorized {
|
544
|
+
IAccessManaged(target).setAuthority(newAuthority);
|
545
|
+
}
|
546
|
+
|
547
|
+
// ================================================= ADMIN LOGIC ==================================================
|
548
|
+
/**
|
549
|
+
* @dev Check if the current call is authorized according to admin logic.
|
550
|
+
*/
|
551
|
+
function _checkAuthorized() private {
|
552
|
+
address caller = _msgSender();
|
553
|
+
(bool immediate, uint32 delay) = _canCallSelf(caller, _msgData());
|
554
|
+
if (!immediate) {
|
555
|
+
if (delay == 0) {
|
556
|
+
(, uint64 requiredRole, ) = _getAdminRestrictions(_msgData());
|
557
|
+
revert AccessManagerUnauthorizedAccount(caller, requiredRole);
|
558
|
+
}
|
559
|
+
// else {
|
560
|
+
// _consumeScheduledOp(hashOperation(caller, address(this), _msgData()));
|
561
|
+
// }
|
562
|
+
}
|
563
|
+
}
|
564
|
+
|
565
|
+
/**
|
566
|
+
* @dev Get the admin restrictions of a given function call based on the function and arguments involved.
|
567
|
+
*
|
568
|
+
* Returns:
|
569
|
+
* - bool restricted: does this data match a restricted operation
|
570
|
+
* - uint64: which role is this operation restricted to
|
571
|
+
* - uint32: minimum delay to enforce for that operation (max between operation's delay and admin's execution delay)
|
572
|
+
*/
|
573
|
+
function _getAdminRestrictions(
|
574
|
+
bytes calldata data
|
575
|
+
) private view returns (bool restricted, uint64 roleAdminId, uint32 executionDelay) {
|
576
|
+
if (data.length < 4) {
|
577
|
+
return (false, 0, 0);
|
578
|
+
}
|
579
|
+
|
580
|
+
bytes4 selector = _checkSelector(data);
|
581
|
+
|
582
|
+
// Restricted to ADMIN with no delay beside any execution delay the caller may have
|
583
|
+
if (
|
584
|
+
selector == this.labelRole.selector ||
|
585
|
+
selector == this.setRoleAdmin.selector ||
|
586
|
+
selector == this.setRoleGuardian.selector ||
|
587
|
+
selector == this.setGrantDelay.selector ||
|
588
|
+
selector == this.setTargetAdminDelay.selector
|
589
|
+
) {
|
590
|
+
return (true, ADMIN_ROLE, 0);
|
591
|
+
}
|
592
|
+
|
593
|
+
// Restricted to ADMIN with the admin delay corresponding to the target
|
594
|
+
if (
|
595
|
+
selector == this.updateAuthority.selector ||
|
596
|
+
selector == this.setTargetClosed.selector ||
|
597
|
+
selector == this.setTargetFunctionRole.selector
|
598
|
+
) {
|
599
|
+
// First argument is a target.
|
600
|
+
address target = abi.decode(data[0x04:0x24], (address));
|
601
|
+
uint32 delay = getTargetAdminDelay(target);
|
602
|
+
return (true, ADMIN_ROLE, delay);
|
603
|
+
}
|
604
|
+
|
605
|
+
// Restricted to that role's admin with no delay beside any execution delay the caller may have.
|
606
|
+
if (selector == this.grantRole.selector || selector == this.revokeRole.selector) {
|
607
|
+
// First argument is a roleId.
|
608
|
+
uint64 roleId = abi.decode(data[0x04:0x24], (uint64));
|
609
|
+
return (true, getRoleAdmin(roleId), 0);
|
610
|
+
}
|
611
|
+
|
612
|
+
return (false, 0, 0);
|
613
|
+
}
|
614
|
+
|
615
|
+
// =================================================== HELPERS ====================================================
|
616
|
+
/**
|
617
|
+
* @dev An extended version of {canCall} for internal usage that checks {_canCallSelf}
|
618
|
+
* when the target is this contract.
|
619
|
+
*
|
620
|
+
* Returns:
|
621
|
+
* - bool immediate: whether the operation can be executed immediately (with no delay)
|
622
|
+
* - uint32 delay: the execution delay
|
623
|
+
*/
|
624
|
+
function _canCallExtended(
|
625
|
+
address caller,
|
626
|
+
address target,
|
627
|
+
bytes calldata data
|
628
|
+
) private view returns (bool immediate, uint32 delay) {
|
629
|
+
if (target == address(this)) {
|
630
|
+
return _canCallSelf(caller, data);
|
631
|
+
} else {
|
632
|
+
return data.length < 4 ? (false, 0) : canCall(caller, target, _checkSelector(data));
|
633
|
+
}
|
634
|
+
}
|
635
|
+
|
636
|
+
/**
|
637
|
+
* @dev A version of {canCall} that checks for admin restrictions in this contract.
|
638
|
+
*/
|
639
|
+
function _canCallSelf(address caller, bytes calldata data) private view returns (bool immediate, uint32 delay) {
|
640
|
+
if (data.length < 4) {
|
641
|
+
return (false, 0);
|
642
|
+
}
|
643
|
+
|
644
|
+
// if (caller == address(this)) {
|
645
|
+
// // Caller is AccessManager, this means the call was sent through {execute} and it already checked
|
646
|
+
// // permissions. We verify that the call "identifier", which is set during {execute}, is correct.
|
647
|
+
// return (_isExecuting(address(this), _checkSelector(data)), 0);
|
648
|
+
// }
|
649
|
+
|
650
|
+
(bool enabled, uint64 roleId, uint32 operationDelay) = _getAdminRestrictions(data);
|
651
|
+
if (!enabled) {
|
652
|
+
return (false, 0);
|
653
|
+
}
|
654
|
+
|
655
|
+
(bool inRole, uint32 executionDelay) = hasRole(roleId, caller);
|
656
|
+
if (!inRole) {
|
657
|
+
return (false, 0);
|
658
|
+
}
|
659
|
+
|
660
|
+
// downcast is safe because both options are uint32
|
661
|
+
delay = 0; // uint32(Math.max(operationDelay, executionDelay));
|
662
|
+
return (delay == 0, delay);
|
663
|
+
}
|
664
|
+
|
665
|
+
// /**
|
666
|
+
// * @dev Returns true if a call with `target` and `selector` is being executed via {executed}.
|
667
|
+
// */
|
668
|
+
// function _isExecuting(address target, bytes4 selector) private view returns (bool) {
|
669
|
+
// return _executionId == _hashExecutionId(target, selector);
|
670
|
+
// }
|
671
|
+
|
672
|
+
// /**
|
673
|
+
// * @dev Returns true if a schedule timepoint is past its expiration deadline.
|
674
|
+
// */
|
675
|
+
// function _isExpired(uint48 timepoint) private view returns (bool) {
|
676
|
+
// return timepoint + expiration() <= Time.timestamp();
|
677
|
+
// }
|
678
|
+
|
679
|
+
/**
|
680
|
+
* @dev Extracts the selector from calldata. Panics if data is not at least 4 bytes
|
681
|
+
*/
|
682
|
+
function _checkSelector(bytes calldata data) private pure returns (bytes4) {
|
683
|
+
return bytes4(data[0:4]);
|
684
|
+
}
|
685
|
+
|
686
|
+
/**
|
687
|
+
* @dev Hashing function for execute protection
|
688
|
+
*/
|
689
|
+
// function _hashExecutionId(address target, bytes4 selector) private pure returns (bytes32) {
|
690
|
+
// return keccak256(abi.encode(target, selector));
|
691
|
+
// }
|
692
|
+
}
|