├── FusionXFactory.sol ├── FusionXRouter.sol └── FusionXToken.sol /FusionXFactory.sol: -------------------------------------------------------------------------------- 1 | pragma solidity =0.5.16; 2 | 3 | interface IFusionXFactory { 4 | event PairCreated( 5 | address indexed token0, 6 | address indexed token1, 7 | address pair, 8 | uint256 9 | ); 10 | 11 | function feeTo() external view returns (address); 12 | 13 | function feeToSetter() external view returns (address); 14 | 15 | function getPair(address tokenA, address tokenB) 16 | external 17 | view 18 | returns (address pair); 19 | 20 | function allPairs(uint256) external view returns (address pair); 21 | 22 | function allPairsLength() external view returns (uint256); 23 | 24 | function createPair(address tokenA, address tokenB) 25 | external 26 | returns (address pair); 27 | 28 | function setFeeTo(address) external; 29 | 30 | function setFeeToSetter(address) external; 31 | } 32 | 33 | interface IFusionXPair { 34 | event Approval( 35 | address indexed owner, 36 | address indexed spender, 37 | uint256 value 38 | ); 39 | event Transfer(address indexed from, address indexed to, uint256 value); 40 | 41 | function name() external pure returns (string memory); 42 | 43 | function symbol() external pure returns (string memory); 44 | 45 | function decimals() external pure returns (uint8); 46 | 47 | function totalSupply() external view returns (uint256); 48 | 49 | function balanceOf(address owner) external view returns (uint256); 50 | 51 | function allowance(address owner, address spender) 52 | external 53 | view 54 | returns (uint256); 55 | 56 | function approve(address spender, uint256 value) external returns (bool); 57 | 58 | function transfer(address to, uint256 value) external returns (bool); 59 | 60 | function transferFrom( 61 | address from, 62 | address to, 63 | uint256 value 64 | ) external returns (bool); 65 | 66 | function DOMAIN_SEPARATOR() external view returns (bytes32); 67 | 68 | function PERMIT_TYPEHASH() external pure returns (bytes32); 69 | 70 | function nonces(address owner) external view returns (uint256); 71 | 72 | function permit( 73 | address owner, 74 | address spender, 75 | uint256 value, 76 | uint256 deadline, 77 | uint8 v, 78 | bytes32 r, 79 | bytes32 s 80 | ) external; 81 | 82 | event Mint(address indexed sender, uint256 amount0, uint256 amount1); 83 | event Burn( 84 | address indexed sender, 85 | uint256 amount0, 86 | uint256 amount1, 87 | address indexed to 88 | ); 89 | event Swap( 90 | address indexed sender, 91 | uint256 amount0In, 92 | uint256 amount1In, 93 | uint256 amount0Out, 94 | uint256 amount1Out, 95 | address indexed to 96 | ); 97 | event Sync(uint112 reserve0, uint112 reserve1); 98 | 99 | function MINIMUM_LIQUIDITY() external pure returns (uint256); 100 | 101 | function factory() external view returns (address); 102 | 103 | function token0() external view returns (address); 104 | 105 | function token1() external view returns (address); 106 | 107 | function getReserves() 108 | external 109 | view 110 | returns ( 111 | uint112 reserve0, 112 | uint112 reserve1, 113 | uint32 blockTimestampLast 114 | ); 115 | 116 | function price0CumulativeLast() external view returns (uint256); 117 | 118 | function price1CumulativeLast() external view returns (uint256); 119 | 120 | function kLast() external view returns (uint256); 121 | 122 | function mint(address to) external returns (uint256 liquidity); 123 | 124 | function burn(address to) 125 | external 126 | returns (uint256 amount0, uint256 amount1); 127 | 128 | function swap( 129 | uint256 amount0Out, 130 | uint256 amount1Out, 131 | address to, 132 | bytes calldata data 133 | ) external; 134 | 135 | function skim(address to) external; 136 | 137 | function sync() external; 138 | 139 | function initialize(address, address) external; 140 | } 141 | 142 | interface IFusionXERC20 { 143 | event Approval( 144 | address indexed owner, 145 | address indexed spender, 146 | uint256 value 147 | ); 148 | event Transfer(address indexed from, address indexed to, uint256 value); 149 | 150 | function name() external pure returns (string memory); 151 | 152 | function symbol() external pure returns (string memory); 153 | 154 | function decimals() external pure returns (uint8); 155 | 156 | function totalSupply() external view returns (uint256); 157 | 158 | function balanceOf(address owner) external view returns (uint256); 159 | 160 | function allowance(address owner, address spender) 161 | external 162 | view 163 | returns (uint256); 164 | 165 | function approve(address spender, uint256 value) external returns (bool); 166 | 167 | function transfer(address to, uint256 value) external returns (bool); 168 | 169 | function transferFrom( 170 | address from, 171 | address to, 172 | uint256 value 173 | ) external returns (bool); 174 | 175 | function DOMAIN_SEPARATOR() external view returns (bytes32); 176 | 177 | function PERMIT_TYPEHASH() external pure returns (bytes32); 178 | 179 | function nonces(address owner) external view returns (uint256); 180 | 181 | function permit( 182 | address owner, 183 | address spender, 184 | uint256 value, 185 | uint256 deadline, 186 | uint8 v, 187 | bytes32 r, 188 | bytes32 s 189 | ) external; 190 | } 191 | 192 | // a library for performing overflow-safe math, courtesy of DappHub (https://github.com/dapphub/ds-math) 193 | library SafeMath { 194 | function add(uint256 x, uint256 y) internal pure returns (uint256 z) { 195 | require((z = x + y) >= x, "ds-math-add-overflow"); 196 | } 197 | 198 | function sub(uint256 x, uint256 y) internal pure returns (uint256 z) { 199 | require((z = x - y) <= x, "ds-math-sub-underflow"); 200 | } 201 | 202 | function mul(uint256 x, uint256 y) internal pure returns (uint256 z) { 203 | require(y == 0 || (z = x * y) / y == x, "ds-math-mul-overflow"); 204 | } 205 | } 206 | 207 | contract FusionXERC20 is IFusionXERC20 { 208 | using SafeMath for uint256; 209 | 210 | string public constant name = "FusionX LPs"; 211 | string public constant symbol = "FusionX-LP"; 212 | uint8 public constant decimals = 18; 213 | uint256 public totalSupply; 214 | mapping(address => uint256) public balanceOf; 215 | mapping(address => mapping(address => uint256)) public allowance; 216 | 217 | bytes32 public DOMAIN_SEPARATOR; 218 | // keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)"); 219 | bytes32 public constant PERMIT_TYPEHASH = 220 | 0x6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c9; 221 | mapping(address => uint256) public nonces; 222 | 223 | event Approval( 224 | address indexed owner, 225 | address indexed spender, 226 | uint256 value 227 | ); 228 | event Transfer(address indexed from, address indexed to, uint256 value); 229 | 230 | constructor() public { 231 | uint256 chainId; 232 | assembly { 233 | chainId := chainid 234 | } 235 | DOMAIN_SEPARATOR = keccak256( 236 | abi.encode( 237 | keccak256( 238 | "EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)" 239 | ), 240 | keccak256(bytes(name)), 241 | keccak256(bytes("1")), 242 | chainId, 243 | address(this) 244 | ) 245 | ); 246 | } 247 | 248 | function _mint(address to, uint256 value) internal { 249 | totalSupply = totalSupply.add(value); 250 | balanceOf[to] = balanceOf[to].add(value); 251 | emit Transfer(address(0), to, value); 252 | } 253 | 254 | function _burn(address from, uint256 value) internal { 255 | balanceOf[from] = balanceOf[from].sub(value); 256 | totalSupply = totalSupply.sub(value); 257 | emit Transfer(from, address(0), value); 258 | } 259 | 260 | function _approve( 261 | address owner, 262 | address spender, 263 | uint256 value 264 | ) private { 265 | allowance[owner][spender] = value; 266 | emit Approval(owner, spender, value); 267 | } 268 | 269 | function _transfer( 270 | address from, 271 | address to, 272 | uint256 value 273 | ) private { 274 | balanceOf[from] = balanceOf[from].sub(value); 275 | balanceOf[to] = balanceOf[to].add(value); 276 | emit Transfer(from, to, value); 277 | } 278 | 279 | function approve(address spender, uint256 value) external returns (bool) { 280 | _approve(msg.sender, spender, value); 281 | return true; 282 | } 283 | 284 | function transfer(address to, uint256 value) external returns (bool) { 285 | _transfer(msg.sender, to, value); 286 | return true; 287 | } 288 | 289 | function transferFrom( 290 | address from, 291 | address to, 292 | uint256 value 293 | ) external returns (bool) { 294 | if (allowance[from][msg.sender] != uint256(-1)) { 295 | allowance[from][msg.sender] = allowance[from][msg.sender].sub( 296 | value 297 | ); 298 | } 299 | _transfer(from, to, value); 300 | return true; 301 | } 302 | 303 | function permit( 304 | address owner, 305 | address spender, 306 | uint256 value, 307 | uint256 deadline, 308 | uint8 v, 309 | bytes32 r, 310 | bytes32 s 311 | ) external { 312 | require(deadline >= block.timestamp, "FusionX: EXPIRED"); 313 | bytes32 digest = keccak256( 314 | abi.encodePacked( 315 | "\x19\x01", 316 | DOMAIN_SEPARATOR, 317 | keccak256( 318 | abi.encode( 319 | PERMIT_TYPEHASH, 320 | owner, 321 | spender, 322 | value, 323 | nonces[owner]++, 324 | deadline 325 | ) 326 | ) 327 | ) 328 | ); 329 | address recoveredAddress = ecrecover(digest, v, r, s); 330 | require( 331 | recoveredAddress != address(0) && recoveredAddress == owner, 332 | "FusionX: INVALID_SIGNATURE" 333 | ); 334 | _approve(owner, spender, value); 335 | } 336 | } 337 | 338 | // a library for performing various math operations 339 | library Math { 340 | function min(uint256 x, uint256 y) internal pure returns (uint256 z) { 341 | z = x < y ? x : y; 342 | } 343 | 344 | // babylonian method (https://en.wikipedia.org/wiki/Methods_of_computing_square_roots#Babylonian_method) 345 | function sqrt(uint256 y) internal pure returns (uint256 z) { 346 | if (y > 3) { 347 | z = y; 348 | uint256 x = y / 2 + 1; 349 | while (x < z) { 350 | z = x; 351 | x = (y / x + x) / 2; 352 | } 353 | } else if (y != 0) { 354 | z = 1; 355 | } 356 | } 357 | } 358 | 359 | // a library for handling binary fixed point numbers (https://en.wikipedia.org/wiki/Q_(number_format)) 360 | // range: [0, 2**112 - 1] 361 | // resolution: 1 / 2**112 362 | library UQ112x112 { 363 | uint224 constant Q112 = 2**112; 364 | 365 | // encode a uint112 as a UQ112x112 366 | function encode(uint112 y) internal pure returns (uint224 z) { 367 | z = uint224(y) * Q112; // never overflows 368 | } 369 | 370 | // divide a UQ112x112 by a uint112, returning a UQ112x112 371 | function uqdiv(uint224 x, uint112 y) internal pure returns (uint224 z) { 372 | z = x / uint224(y); 373 | } 374 | } 375 | 376 | interface IERC20 { 377 | event Approval( 378 | address indexed owner, 379 | address indexed spender, 380 | uint256 value 381 | ); 382 | event Transfer(address indexed from, address indexed to, uint256 value); 383 | 384 | function name() external view returns (string memory); 385 | 386 | function symbol() external view returns (string memory); 387 | 388 | function decimals() external view returns (uint8); 389 | 390 | function totalSupply() external view returns (uint256); 391 | 392 | function balanceOf(address owner) external view returns (uint256); 393 | 394 | function allowance(address owner, address spender) 395 | external 396 | view 397 | returns (uint256); 398 | 399 | function approve(address spender, uint256 value) external returns (bool); 400 | 401 | function transfer(address to, uint256 value) external returns (bool); 402 | 403 | function transferFrom( 404 | address from, 405 | address to, 406 | uint256 value 407 | ) external returns (bool); 408 | } 409 | 410 | interface IFusionXCallee { 411 | function FusionXCall( 412 | address sender, 413 | uint256 amount0, 414 | uint256 amount1, 415 | bytes calldata data 416 | ) external; 417 | } 418 | 419 | contract FusionXPair is IFusionXPair, FusionXERC20 { 420 | using SafeMath for uint256; 421 | using UQ112x112 for uint224; 422 | 423 | uint256 public constant MINIMUM_LIQUIDITY = 10**3; 424 | bytes4 private constant SELECTOR = 425 | bytes4(keccak256(bytes("transfer(address,uint256)"))); 426 | 427 | address public factory; 428 | address public token0; 429 | address public token1; 430 | 431 | uint112 private reserve0; // uses single storage slot, accessible via getReserves 432 | uint112 private reserve1; // uses single storage slot, accessible via getReserves 433 | uint32 private blockTimestampLast; // uses single storage slot, accessible via getReserves 434 | 435 | uint256 public price0CumulativeLast; 436 | uint256 public price1CumulativeLast; 437 | uint256 public kLast; // reserve0 * reserve1, as of immediately after the most recent liquidity event 438 | 439 | uint256 private unlocked = 1; 440 | modifier lock() { 441 | require(unlocked == 1, "FusionX: LOCKED"); 442 | unlocked = 0; 443 | _; 444 | unlocked = 1; 445 | } 446 | 447 | function getReserves() 448 | public 449 | view 450 | returns ( 451 | uint112 _reserve0, 452 | uint112 _reserve1, 453 | uint32 _blockTimestampLast 454 | ) 455 | { 456 | _reserve0 = reserve0; 457 | _reserve1 = reserve1; 458 | _blockTimestampLast = blockTimestampLast; 459 | } 460 | 461 | function _safeTransfer( 462 | address token, 463 | address to, 464 | uint256 value 465 | ) private { 466 | (bool success, bytes memory data) = token.call( 467 | abi.encodeWithSelector(SELECTOR, to, value) 468 | ); 469 | require( 470 | success && (data.length == 0 || abi.decode(data, (bool))), 471 | "FusionX: TRANSFER_FAILED" 472 | ); 473 | } 474 | 475 | event Mint(address indexed sender, uint256 amount0, uint256 amount1); 476 | event Burn( 477 | address indexed sender, 478 | uint256 amount0, 479 | uint256 amount1, 480 | address indexed to 481 | ); 482 | event Swap( 483 | address indexed sender, 484 | uint256 amount0In, 485 | uint256 amount1In, 486 | uint256 amount0Out, 487 | uint256 amount1Out, 488 | address indexed to 489 | ); 490 | event Sync(uint112 reserve0, uint112 reserve1); 491 | 492 | constructor() public { 493 | factory = msg.sender; 494 | } 495 | 496 | // called once by the factory at time of deployment 497 | function initialize(address _token0, address _token1) external { 498 | require(msg.sender == factory, "FusionX: FORBIDDEN"); // sufficient check 499 | token0 = _token0; 500 | token1 = _token1; 501 | } 502 | 503 | // update reserves and, on the first call per block, price accumulators 504 | function _update( 505 | uint256 balance0, 506 | uint256 balance1, 507 | uint112 _reserve0, 508 | uint112 _reserve1 509 | ) private { 510 | require( 511 | balance0 <= uint112(-1) && balance1 <= uint112(-1), 512 | "FusionX: OVERFLOW" 513 | ); 514 | uint32 blockTimestamp = uint32(block.timestamp % 2**32); 515 | uint32 timeElapsed = blockTimestamp - blockTimestampLast; // overflow is desired 516 | if (timeElapsed > 0 && _reserve0 != 0 && _reserve1 != 0) { 517 | // * never overflows, and + overflow is desired 518 | price0CumulativeLast += 519 | uint256(UQ112x112.encode(_reserve1).uqdiv(_reserve0)) * 520 | timeElapsed; 521 | price1CumulativeLast += 522 | uint256(UQ112x112.encode(_reserve0).uqdiv(_reserve1)) * 523 | timeElapsed; 524 | } 525 | reserve0 = uint112(balance0); 526 | reserve1 = uint112(balance1); 527 | blockTimestampLast = blockTimestamp; 528 | emit Sync(reserve0, reserve1); 529 | } 530 | 531 | // if fee is on, mint liquidity equivalent to 1/6th of the growth in sqrt(k) 532 | function _mintFee(uint112 _reserve0, uint112 _reserve1) 533 | private 534 | returns (bool feeOn) 535 | { 536 | address feeTo = IFusionXFactory(factory).feeTo(); 537 | feeOn = feeTo != address(0); 538 | uint256 _kLast = kLast; // gas savings 539 | if (feeOn) { 540 | if (_kLast != 0) { 541 | uint256 rootK = Math.sqrt(uint256(_reserve0).mul(_reserve1)); 542 | uint256 rootKLast = Math.sqrt(_kLast); 543 | if (rootK > rootKLast) { 544 | uint256 numerator = totalSupply.mul(rootK.sub(rootKLast)); 545 | uint256 denominator = rootK.mul(3).add(rootKLast); 546 | uint256 liquidity = numerator / denominator; 547 | if (liquidity > 0) _mint(feeTo, liquidity); 548 | } 549 | } 550 | } else if (_kLast != 0) { 551 | kLast = 0; 552 | } 553 | } 554 | 555 | // this low-level function should be called from a contract which performs important safety checks 556 | function mint(address to) external lock returns (uint256 liquidity) { 557 | (uint112 _reserve0, uint112 _reserve1, ) = getReserves(); // gas savings 558 | uint256 balance0 = IERC20(token0).balanceOf(address(this)); 559 | uint256 balance1 = IERC20(token1).balanceOf(address(this)); 560 | uint256 amount0 = balance0.sub(_reserve0); 561 | uint256 amount1 = balance1.sub(_reserve1); 562 | 563 | bool feeOn = _mintFee(_reserve0, _reserve1); 564 | uint256 _totalSupply = totalSupply; // gas savings, must be defined here since totalSupply can update in _mintFee 565 | if (_totalSupply == 0) { 566 | liquidity = Math.sqrt(amount0.mul(amount1)).sub(MINIMUM_LIQUIDITY); 567 | _mint(address(0), MINIMUM_LIQUIDITY); // permanently lock the first MINIMUM_LIQUIDITY tokens 568 | } else { 569 | liquidity = Math.min( 570 | amount0.mul(_totalSupply) / _reserve0, 571 | amount1.mul(_totalSupply) / _reserve1 572 | ); 573 | } 574 | require(liquidity > 0, "FusionX: INSUFFICIENT_LIQUIDITY_MINTED"); 575 | _mint(to, liquidity); 576 | 577 | _update(balance0, balance1, _reserve0, _reserve1); 578 | if (feeOn) kLast = uint256(reserve0).mul(reserve1); // reserve0 and reserve1 are up-to-date 579 | emit Mint(msg.sender, amount0, amount1); 580 | } 581 | 582 | // this low-level function should be called from a contract which performs important safety checks 583 | function burn(address to) 584 | external 585 | lock 586 | returns (uint256 amount0, uint256 amount1) 587 | { 588 | (uint112 _reserve0, uint112 _reserve1, ) = getReserves(); // gas savings 589 | address _token0 = token0; // gas savings 590 | address _token1 = token1; // gas savings 591 | uint256 balance0 = IERC20(_token0).balanceOf(address(this)); 592 | uint256 balance1 = IERC20(_token1).balanceOf(address(this)); 593 | uint256 liquidity = balanceOf[address(this)]; 594 | 595 | bool feeOn = _mintFee(_reserve0, _reserve1); 596 | uint256 _totalSupply = totalSupply; // gas savings, must be defined here since totalSupply can update in _mintFee 597 | amount0 = liquidity.mul(balance0) / _totalSupply; // using balances ensures pro-rata distribution 598 | amount1 = liquidity.mul(balance1) / _totalSupply; // using balances ensures pro-rata distribution 599 | require( 600 | amount0 > 0 && amount1 > 0, 601 | "FusionX: INSUFFICIENT_LIQUIDITY_BURNED" 602 | ); 603 | _burn(address(this), liquidity); 604 | _safeTransfer(_token0, to, amount0); 605 | _safeTransfer(_token1, to, amount1); 606 | balance0 = IERC20(_token0).balanceOf(address(this)); 607 | balance1 = IERC20(_token1).balanceOf(address(this)); 608 | 609 | _update(balance0, balance1, _reserve0, _reserve1); 610 | if (feeOn) kLast = uint256(reserve0).mul(reserve1); // reserve0 and reserve1 are up-to-date 611 | emit Burn(msg.sender, amount0, amount1, to); 612 | } 613 | 614 | // this low-level function should be called from a contract which performs important safety checks 615 | function swap( 616 | uint256 amount0Out, 617 | uint256 amount1Out, 618 | address to, 619 | bytes calldata data 620 | ) external lock { 621 | require( 622 | amount0Out > 0 || amount1Out > 0, 623 | "FusionX: INSUFFICIENT_OUTPUT_AMOUNT" 624 | ); 625 | (uint112 _reserve0, uint112 _reserve1, ) = getReserves(); // gas savings 626 | require( 627 | amount0Out < _reserve0 && amount1Out < _reserve1, 628 | "FusionX: INSUFFICIENT_LIQUIDITY" 629 | ); 630 | 631 | uint256 balance0; 632 | uint256 balance1; 633 | { 634 | // scope for _token{0,1}, avoids stack too deep errors 635 | address _token0 = token0; 636 | address _token1 = token1; 637 | require(to != _token0 && to != _token1, "FusionX: INVALID_TO"); 638 | if (amount0Out > 0) _safeTransfer(_token0, to, amount0Out); // optimistically transfer tokens 639 | if (amount1Out > 0) _safeTransfer(_token1, to, amount1Out); // optimistically transfer tokens 640 | if (data.length > 0) 641 | IFusionXCallee(to).FusionXCall( 642 | msg.sender, 643 | amount0Out, 644 | amount1Out, 645 | data 646 | ); 647 | balance0 = IERC20(_token0).balanceOf(address(this)); 648 | balance1 = IERC20(_token1).balanceOf(address(this)); 649 | } 650 | uint256 amount0In = balance0 > _reserve0 - amount0Out 651 | ? balance0 - (_reserve0 - amount0Out) 652 | : 0; 653 | uint256 amount1In = balance1 > _reserve1 - amount1Out 654 | ? balance1 - (_reserve1 - amount1Out) 655 | : 0; 656 | require( 657 | amount0In > 0 || amount1In > 0, 658 | "FusionX: INSUFFICIENT_INPUT_AMOUNT" 659 | ); 660 | { 661 | // scope for reserve{0,1}Adjusted, avoids stack too deep errors 662 | uint256 balance0Adjusted = balance0.mul(1000).sub(amount0In.mul(2)); 663 | uint256 balance1Adjusted = balance1.mul(1000).sub(amount1In.mul(2)); 664 | require( 665 | balance0Adjusted.mul(balance1Adjusted) >= 666 | uint256(_reserve0).mul(_reserve1).mul(1000**2), 667 | "FusionX: K" 668 | ); 669 | } 670 | 671 | _update(balance0, balance1, _reserve0, _reserve1); 672 | emit Swap(msg.sender, amount0In, amount1In, amount0Out, amount1Out, to); 673 | } 674 | 675 | // force balances to match reserves 676 | function skim(address to) external lock { 677 | address _token0 = token0; // gas savings 678 | address _token1 = token1; // gas savings 679 | _safeTransfer( 680 | _token0, 681 | to, 682 | IERC20(_token0).balanceOf(address(this)).sub(reserve0) 683 | ); 684 | _safeTransfer( 685 | _token1, 686 | to, 687 | IERC20(_token1).balanceOf(address(this)).sub(reserve1) 688 | ); 689 | } 690 | 691 | // force reserves to match balances 692 | function sync() external lock { 693 | _update( 694 | IERC20(token0).balanceOf(address(this)), 695 | IERC20(token1).balanceOf(address(this)), 696 | reserve0, 697 | reserve1 698 | ); 699 | } 700 | } 701 | 702 | contract FusionXFactory is IFusionXFactory { 703 | bytes32 public constant INIT_CODE_PAIR_HASH = 704 | keccak256(abi.encodePacked(type(FusionXPair).creationCode)); 705 | 706 | address public feeTo; 707 | address public feeToSetter; 708 | 709 | mapping(address => mapping(address => address)) public getPair; 710 | address[] public allPairs; 711 | 712 | event PairCreated( 713 | address indexed token0, 714 | address indexed token1, 715 | address pair, 716 | uint256 717 | ); 718 | 719 | constructor(address _feeToSetter) public { 720 | feeToSetter = _feeToSetter; 721 | } 722 | 723 | function allPairsLength() external view returns (uint256) { 724 | return allPairs.length; 725 | } 726 | 727 | function createPair(address tokenA, address tokenB) 728 | external 729 | returns (address pair) 730 | { 731 | require(tokenA != tokenB, "FusionX: IDENTICAL_ADDRESSES"); 732 | (address token0, address token1) = tokenA < tokenB 733 | ? (tokenA, tokenB) 734 | : (tokenB, tokenA); 735 | require(token0 != address(0), "FusionX: ZERO_ADDRESS"); 736 | require(getPair[token0][token1] == address(0), "FusionX: PAIR_EXISTS"); // single check is sufficient 737 | bytes memory bytecode = type(FusionXPair).creationCode; 738 | bytes32 salt = keccak256(abi.encodePacked(token0, token1)); 739 | assembly { 740 | pair := create2(0, add(bytecode, 32), mload(bytecode), salt) 741 | } 742 | IFusionXPair(pair).initialize(token0, token1); 743 | getPair[token0][token1] = pair; 744 | getPair[token1][token0] = pair; // populate mapping in the reverse direction 745 | allPairs.push(pair); 746 | emit PairCreated(token0, token1, pair, allPairs.length); 747 | } 748 | 749 | function setFeeTo(address _feeTo) external { 750 | require(msg.sender == feeToSetter, "FusionX: FORBIDDEN"); 751 | feeTo = _feeTo; 752 | } 753 | 754 | function setFeeToSetter(address _feeToSetter) external { 755 | require(msg.sender == feeToSetter, "FusionX: FORBIDDEN"); 756 | feeToSetter = _feeToSetter; 757 | } 758 | } 759 | -------------------------------------------------------------------------------- /FusionXRouter.sol: -------------------------------------------------------------------------------- 1 | pragma solidity =0.6.6; 2 | 3 | interface IFusionXFactory { 4 | event PairCreated( 5 | address indexed token0, 6 | address indexed token1, 7 | address pair, 8 | uint256 9 | ); 10 | 11 | function feeTo() external view returns (address); 12 | 13 | function feeToSetter() external view returns (address); 14 | 15 | function getPair(address tokenA, address tokenB) 16 | external 17 | view 18 | returns (address pair); 19 | 20 | function allPairs(uint256) external view returns (address pair); 21 | 22 | function allPairsLength() external view returns (uint256); 23 | 24 | function createPair(address tokenA, address tokenB) 25 | external 26 | returns (address pair); 27 | 28 | function setFeeTo(address) external; 29 | 30 | function setFeeToSetter(address) external; 31 | } 32 | 33 | // helper methods for interacting with ERC20 tokens and sending ETH that do not consistently return true/false 34 | library TransferHelper { 35 | function safeApprove( 36 | address token, 37 | address to, 38 | uint256 value 39 | ) internal { 40 | // bytes4(keccak256(bytes('approve(address,uint256)'))); 41 | (bool success, bytes memory data) = token.call( 42 | abi.encodeWithSelector(0x095ea7b3, to, value) 43 | ); 44 | require( 45 | success && (data.length == 0 || abi.decode(data, (bool))), 46 | "TransferHelper: APPROVE_FAILED" 47 | ); 48 | } 49 | 50 | function safeTransfer( 51 | address token, 52 | address to, 53 | uint256 value 54 | ) internal { 55 | // bytes4(keccak256(bytes('transfer(address,uint256)'))); 56 | (bool success, bytes memory data) = token.call( 57 | abi.encodeWithSelector(0xa9059cbb, to, value) 58 | ); 59 | require( 60 | success && (data.length == 0 || abi.decode(data, (bool))), 61 | "TransferHelper: TRANSFER_FAILED" 62 | ); 63 | } 64 | 65 | function safeTransferFrom( 66 | address token, 67 | address from, 68 | address to, 69 | uint256 value 70 | ) internal { 71 | // bytes4(keccak256(bytes('transferFrom(address,address,uint256)'))); 72 | (bool success, bytes memory data) = token.call( 73 | abi.encodeWithSelector(0x23b872dd, from, to, value) 74 | ); 75 | require( 76 | success && (data.length == 0 || abi.decode(data, (bool))), 77 | "TransferHelper: TRANSFER_FROM_FAILED" 78 | ); 79 | } 80 | 81 | function safeTransferETH(address to, uint256 value) internal { 82 | (bool success, ) = to.call{value: value}(new bytes(0)); 83 | require(success, "TransferHelper: ETH_TRANSFER_FAILED"); 84 | } 85 | } 86 | 87 | interface IFusionXRouter01 { 88 | function factory() external pure returns (address); 89 | 90 | function WETH() external pure returns (address); 91 | 92 | function addLiquidity( 93 | address tokenA, 94 | address tokenB, 95 | uint256 amountADesired, 96 | uint256 amountBDesired, 97 | uint256 amountAMin, 98 | uint256 amountBMin, 99 | address to, 100 | uint256 deadline 101 | ) 102 | external 103 | returns ( 104 | uint256 amountA, 105 | uint256 amountB, 106 | uint256 liquidity 107 | ); 108 | 109 | function addLiquidityETH( 110 | address token, 111 | uint256 amountTokenDesired, 112 | uint256 amountTokenMin, 113 | uint256 amountETHMin, 114 | address to, 115 | uint256 deadline 116 | ) 117 | external 118 | payable 119 | returns ( 120 | uint256 amountToken, 121 | uint256 amountETH, 122 | uint256 liquidity 123 | ); 124 | 125 | function removeLiquidity( 126 | address tokenA, 127 | address tokenB, 128 | uint256 liquidity, 129 | uint256 amountAMin, 130 | uint256 amountBMin, 131 | address to, 132 | uint256 deadline 133 | ) external returns (uint256 amountA, uint256 amountB); 134 | 135 | function removeLiquidityETH( 136 | address token, 137 | uint256 liquidity, 138 | uint256 amountTokenMin, 139 | uint256 amountETHMin, 140 | address to, 141 | uint256 deadline 142 | ) external returns (uint256 amountToken, uint256 amountETH); 143 | 144 | function removeLiquidityWithPermit( 145 | address tokenA, 146 | address tokenB, 147 | uint256 liquidity, 148 | uint256 amountAMin, 149 | uint256 amountBMin, 150 | address to, 151 | uint256 deadline, 152 | bool approveMax, 153 | uint8 v, 154 | bytes32 r, 155 | bytes32 s 156 | ) external returns (uint256 amountA, uint256 amountB); 157 | 158 | function removeLiquidityETHWithPermit( 159 | address token, 160 | uint256 liquidity, 161 | uint256 amountTokenMin, 162 | uint256 amountETHMin, 163 | address to, 164 | uint256 deadline, 165 | bool approveMax, 166 | uint8 v, 167 | bytes32 r, 168 | bytes32 s 169 | ) external returns (uint256 amountToken, uint256 amountETH); 170 | 171 | function swapExactTokensForTokens( 172 | uint256 amountIn, 173 | uint256 amountOutMin, 174 | address[] calldata path, 175 | address to, 176 | uint256 deadline 177 | ) external returns (uint256[] memory amounts); 178 | 179 | function swapTokensForExactTokens( 180 | uint256 amountOut, 181 | uint256 amountInMax, 182 | address[] calldata path, 183 | address to, 184 | uint256 deadline 185 | ) external returns (uint256[] memory amounts); 186 | 187 | function swapExactETHForTokens( 188 | uint256 amountOutMin, 189 | address[] calldata path, 190 | address to, 191 | uint256 deadline 192 | ) external payable returns (uint256[] memory amounts); 193 | 194 | function swapTokensForExactETH( 195 | uint256 amountOut, 196 | uint256 amountInMax, 197 | address[] calldata path, 198 | address to, 199 | uint256 deadline 200 | ) external returns (uint256[] memory amounts); 201 | 202 | function swapExactTokensForETH( 203 | uint256 amountIn, 204 | uint256 amountOutMin, 205 | address[] calldata path, 206 | address to, 207 | uint256 deadline 208 | ) external returns (uint256[] memory amounts); 209 | 210 | function swapETHForExactTokens( 211 | uint256 amountOut, 212 | address[] calldata path, 213 | address to, 214 | uint256 deadline 215 | ) external payable returns (uint256[] memory amounts); 216 | 217 | function quote( 218 | uint256 amountA, 219 | uint256 reserveA, 220 | uint256 reserveB 221 | ) external pure returns (uint256 amountB); 222 | 223 | function getAmountOut( 224 | uint256 amountIn, 225 | uint256 reserveIn, 226 | uint256 reserveOut 227 | ) external pure returns (uint256 amountOut); 228 | 229 | function getAmountIn( 230 | uint256 amountOut, 231 | uint256 reserveIn, 232 | uint256 reserveOut 233 | ) external pure returns (uint256 amountIn); 234 | 235 | function getAmountsOut(uint256 amountIn, address[] calldata path) 236 | external 237 | view 238 | returns (uint256[] memory amounts); 239 | 240 | function getAmountsIn(uint256 amountOut, address[] calldata path) 241 | external 242 | view 243 | returns (uint256[] memory amounts); 244 | } 245 | 246 | interface IFusionXRouter02 is IFusionXRouter01 { 247 | function removeLiquidityETHSupportingFeeOnTransferTokens( 248 | address token, 249 | uint256 liquidity, 250 | uint256 amountTokenMin, 251 | uint256 amountETHMin, 252 | address to, 253 | uint256 deadline 254 | ) external returns (uint256 amountETH); 255 | 256 | function removeLiquidityETHWithPermitSupportingFeeOnTransferTokens( 257 | address token, 258 | uint256 liquidity, 259 | uint256 amountTokenMin, 260 | uint256 amountETHMin, 261 | address to, 262 | uint256 deadline, 263 | bool approveMax, 264 | uint8 v, 265 | bytes32 r, 266 | bytes32 s 267 | ) external returns (uint256 amountETH); 268 | 269 | function swapExactTokensForTokensSupportingFeeOnTransferTokens( 270 | uint256 amountIn, 271 | uint256 amountOutMin, 272 | address[] calldata path, 273 | address to, 274 | uint256 deadline 275 | ) external; 276 | 277 | function swapExactETHForTokensSupportingFeeOnTransferTokens( 278 | uint256 amountOutMin, 279 | address[] calldata path, 280 | address to, 281 | uint256 deadline 282 | ) external payable; 283 | 284 | function swapExactTokensForETHSupportingFeeOnTransferTokens( 285 | uint256 amountIn, 286 | uint256 amountOutMin, 287 | address[] calldata path, 288 | address to, 289 | uint256 deadline 290 | ) external; 291 | } 292 | 293 | interface IFusionXPair { 294 | event Approval( 295 | address indexed owner, 296 | address indexed spender, 297 | uint256 value 298 | ); 299 | event Transfer(address indexed from, address indexed to, uint256 value); 300 | 301 | function name() external pure returns (string memory); 302 | 303 | function symbol() external pure returns (string memory); 304 | 305 | function decimals() external pure returns (uint8); 306 | 307 | function totalSupply() external view returns (uint256); 308 | 309 | function balanceOf(address owner) external view returns (uint256); 310 | 311 | function allowance(address owner, address spender) 312 | external 313 | view 314 | returns (uint256); 315 | 316 | function approve(address spender, uint256 value) external returns (bool); 317 | 318 | function transfer(address to, uint256 value) external returns (bool); 319 | 320 | function transferFrom( 321 | address from, 322 | address to, 323 | uint256 value 324 | ) external returns (bool); 325 | 326 | function DOMAIN_SEPARATOR() external view returns (bytes32); 327 | 328 | function PERMIT_TYPEHASH() external pure returns (bytes32); 329 | 330 | function nonces(address owner) external view returns (uint256); 331 | 332 | function permit( 333 | address owner, 334 | address spender, 335 | uint256 value, 336 | uint256 deadline, 337 | uint8 v, 338 | bytes32 r, 339 | bytes32 s 340 | ) external; 341 | 342 | event Mint(address indexed sender, uint256 amount0, uint256 amount1); 343 | event Burn( 344 | address indexed sender, 345 | uint256 amount0, 346 | uint256 amount1, 347 | address indexed to 348 | ); 349 | event Swap( 350 | address indexed sender, 351 | uint256 amount0In, 352 | uint256 amount1In, 353 | uint256 amount0Out, 354 | uint256 amount1Out, 355 | address indexed to 356 | ); 357 | event Sync(uint112 reserve0, uint112 reserve1); 358 | 359 | function MINIMUM_LIQUIDITY() external pure returns (uint256); 360 | 361 | function factory() external view returns (address); 362 | 363 | function token0() external view returns (address); 364 | 365 | function token1() external view returns (address); 366 | 367 | function getReserves() 368 | external 369 | view 370 | returns ( 371 | uint112 reserve0, 372 | uint112 reserve1, 373 | uint32 blockTimestampLast 374 | ); 375 | 376 | function price0CumulativeLast() external view returns (uint256); 377 | 378 | function price1CumulativeLast() external view returns (uint256); 379 | 380 | function kLast() external view returns (uint256); 381 | 382 | function mint(address to) external returns (uint256 liquidity); 383 | 384 | function burn(address to) 385 | external 386 | returns (uint256 amount0, uint256 amount1); 387 | 388 | function swap( 389 | uint256 amount0Out, 390 | uint256 amount1Out, 391 | address to, 392 | bytes calldata data 393 | ) external; 394 | 395 | function skim(address to) external; 396 | 397 | function sync() external; 398 | 399 | function initialize(address, address) external; 400 | } 401 | 402 | // a library for performing overflow-safe math, courtesy of DappHub (https://github.com/dapphub/ds-math) 403 | library SafeMath { 404 | function add(uint256 x, uint256 y) internal pure returns (uint256 z) { 405 | require((z = x + y) >= x, "ds-math-add-overflow"); 406 | } 407 | 408 | function sub(uint256 x, uint256 y) internal pure returns (uint256 z) { 409 | require((z = x - y) <= x, "ds-math-sub-underflow"); 410 | } 411 | 412 | function mul(uint256 x, uint256 y) internal pure returns (uint256 z) { 413 | require(y == 0 || (z = x * y) / y == x, "ds-math-mul-overflow"); 414 | } 415 | } 416 | 417 | library FusionXLibrary { 418 | using SafeMath for uint256; 419 | 420 | // returns sorted token addresses, used to handle return values from pairs sorted in this order 421 | function sortTokens(address tokenA, address tokenB) 422 | internal 423 | pure 424 | returns (address token0, address token1) 425 | { 426 | require(tokenA != tokenB, "FusionXLibrary: IDENTICAL_ADDRESSES"); 427 | (token0, token1) = tokenA < tokenB 428 | ? (tokenA, tokenB) 429 | : (tokenB, tokenA); 430 | require(token0 != address(0), "FusionXLibrary: ZERO_ADDRESS"); 431 | } 432 | 433 | // calculates the CREATE2 address for a pair without making any external calls 434 | function pairFor( 435 | address factory, 436 | address tokenA, 437 | address tokenB 438 | ) internal pure returns (address pair) { 439 | (address token0, address token1) = sortTokens(tokenA, tokenB); 440 | pair = address( 441 | uint256( 442 | keccak256( 443 | abi.encodePacked( 444 | hex"ff", 445 | factory, 446 | keccak256(abi.encodePacked(token0, token1)), 447 | hex"58c684aeb03fe49c8a3080db88e425fae262c5ef5bf0e8acffc0526c6e3c03a0" // init code hash 448 | ) 449 | ) 450 | ) 451 | ); 452 | } 453 | 454 | // fetches and sorts the reserves for a pair 455 | function getReserves( 456 | address factory, 457 | address tokenA, 458 | address tokenB 459 | ) internal view returns (uint256 reserveA, uint256 reserveB) { 460 | (address token0, ) = sortTokens(tokenA, tokenB); 461 | pairFor(factory, tokenA, tokenB); 462 | (uint256 reserve0, uint256 reserve1, ) = IFusionXPair( 463 | pairFor(factory, tokenA, tokenB) 464 | ).getReserves(); 465 | (reserveA, reserveB) = tokenA == token0 466 | ? (reserve0, reserve1) 467 | : (reserve1, reserve0); 468 | } 469 | 470 | // given some amount of an asset and pair reserves, returns an equivalent amount of the other asset 471 | function quote( 472 | uint256 amountA, 473 | uint256 reserveA, 474 | uint256 reserveB 475 | ) internal pure returns (uint256 amountB) { 476 | require(amountA > 0, "FusionXLibrary: INSUFFICIENT_AMOUNT"); 477 | require( 478 | reserveA > 0 && reserveB > 0, 479 | "FusionXLibrary: INSUFFICIENT_LIQUIDITY" 480 | ); 481 | amountB = amountA.mul(reserveB) / reserveA; 482 | } 483 | 484 | // given an input amount of an asset and pair reserves, returns the maximum output amount of the other asset 485 | function getAmountOut( 486 | uint256 amountIn, 487 | uint256 reserveIn, 488 | uint256 reserveOut 489 | ) internal pure returns (uint256 amountOut) { 490 | require(amountIn > 0, "FusionXLibrary: INSUFFICIENT_INPUT_AMOUNT"); 491 | require( 492 | reserveIn > 0 && reserveOut > 0, 493 | "FusionXLibrary: INSUFFICIENT_LIQUIDITY" 494 | ); 495 | uint256 amountInWithFee = amountIn.mul(998); 496 | uint256 numerator = amountInWithFee.mul(reserveOut); 497 | uint256 denominator = reserveIn.mul(1000).add(amountInWithFee); 498 | amountOut = numerator / denominator; 499 | } 500 | 501 | // given an output amount of an asset and pair reserves, returns a required input amount of the other asset 502 | function getAmountIn( 503 | uint256 amountOut, 504 | uint256 reserveIn, 505 | uint256 reserveOut 506 | ) internal pure returns (uint256 amountIn) { 507 | require(amountOut > 0, "FusionXLibrary: INSUFFICIENT_OUTPUT_AMOUNT"); 508 | require( 509 | reserveIn > 0 && reserveOut > 0, 510 | "FusionXLibrary: INSUFFICIENT_LIQUIDITY" 511 | ); 512 | uint256 numerator = reserveIn.mul(amountOut).mul(1000); 513 | uint256 denominator = reserveOut.sub(amountOut).mul(998); 514 | amountIn = (numerator / denominator).add(1); 515 | } 516 | 517 | // performs chained getAmountOut calculations on any number of pairs 518 | function getAmountsOut( 519 | address factory, 520 | uint256 amountIn, 521 | address[] memory path 522 | ) internal view returns (uint256[] memory amounts) { 523 | require(path.length >= 2, "FusionXLibrary: INVALID_PATH"); 524 | amounts = new uint256[](path.length); 525 | amounts[0] = amountIn; 526 | for (uint256 i; i < path.length - 1; i++) { 527 | (uint256 reserveIn, uint256 reserveOut) = getReserves( 528 | factory, 529 | path[i], 530 | path[i + 1] 531 | ); 532 | amounts[i + 1] = getAmountOut(amounts[i], reserveIn, reserveOut); 533 | } 534 | } 535 | 536 | // performs chained getAmountIn calculations on any number of pairs 537 | function getAmountsIn( 538 | address factory, 539 | uint256 amountOut, 540 | address[] memory path 541 | ) internal view returns (uint256[] memory amounts) { 542 | require(path.length >= 2, "FusionXLibrary: INVALID_PATH"); 543 | amounts = new uint256[](path.length); 544 | amounts[amounts.length - 1] = amountOut; 545 | for (uint256 i = path.length - 1; i > 0; i--) { 546 | (uint256 reserveIn, uint256 reserveOut) = getReserves( 547 | factory, 548 | path[i - 1], 549 | path[i] 550 | ); 551 | amounts[i - 1] = getAmountIn(amounts[i], reserveIn, reserveOut); 552 | } 553 | } 554 | } 555 | 556 | interface IERC20 { 557 | event Approval( 558 | address indexed owner, 559 | address indexed spender, 560 | uint256 value 561 | ); 562 | event Transfer(address indexed from, address indexed to, uint256 value); 563 | 564 | function name() external view returns (string memory); 565 | 566 | function symbol() external view returns (string memory); 567 | 568 | function decimals() external view returns (uint8); 569 | 570 | function totalSupply() external view returns (uint256); 571 | 572 | function balanceOf(address owner) external view returns (uint256); 573 | 574 | function allowance(address owner, address spender) 575 | external 576 | view 577 | returns (uint256); 578 | 579 | function approve(address spender, uint256 value) external returns (bool); 580 | 581 | function transfer(address to, uint256 value) external returns (bool); 582 | 583 | function transferFrom( 584 | address from, 585 | address to, 586 | uint256 value 587 | ) external returns (bool); 588 | } 589 | 590 | interface IWETH { 591 | function deposit() external payable; 592 | 593 | function transfer(address to, uint256 value) external returns (bool); 594 | 595 | function withdraw(uint256) external; 596 | } 597 | 598 | contract FusionXRouter is IFusionXRouter02 { 599 | using SafeMath for uint256; 600 | 601 | address public immutable override factory; 602 | address public immutable override WETH; 603 | 604 | modifier ensure(uint256 deadline) { 605 | require(deadline >= block.timestamp, "FusionXRouter: EXPIRED"); 606 | _; 607 | } 608 | 609 | constructor(address _factory, address _WETH) public { 610 | factory = _factory; 611 | WETH = _WETH; 612 | } 613 | 614 | receive() external payable { 615 | assert(msg.sender == WETH); // only accept ETH via fallback from the WETH contract 616 | } 617 | 618 | // **** ADD LIQUIDITY **** 619 | function _addLiquidity( 620 | address tokenA, 621 | address tokenB, 622 | uint256 amountADesired, 623 | uint256 amountBDesired, 624 | uint256 amountAMin, 625 | uint256 amountBMin 626 | ) internal virtual returns (uint256 amountA, uint256 amountB) { 627 | // create the pair if it doesn't exist yet 628 | if (IFusionXFactory(factory).getPair(tokenA, tokenB) == address(0)) { 629 | IFusionXFactory(factory).createPair(tokenA, tokenB); 630 | } 631 | (uint256 reserveA, uint256 reserveB) = FusionXLibrary.getReserves( 632 | factory, 633 | tokenA, 634 | tokenB 635 | ); 636 | if (reserveA == 0 && reserveB == 0) { 637 | (amountA, amountB) = (amountADesired, amountBDesired); 638 | } else { 639 | uint256 amountBOptimal = FusionXLibrary.quote( 640 | amountADesired, 641 | reserveA, 642 | reserveB 643 | ); 644 | if (amountBOptimal <= amountBDesired) { 645 | require( 646 | amountBOptimal >= amountBMin, 647 | "FusionXRouter: INSUFFICIENT_B_AMOUNT" 648 | ); 649 | (amountA, amountB) = (amountADesired, amountBOptimal); 650 | } else { 651 | uint256 amountAOptimal = FusionXLibrary.quote( 652 | amountBDesired, 653 | reserveB, 654 | reserveA 655 | ); 656 | assert(amountAOptimal <= amountADesired); 657 | require( 658 | amountAOptimal >= amountAMin, 659 | "FusionXRouter: INSUFFICIENT_A_AMOUNT" 660 | ); 661 | (amountA, amountB) = (amountAOptimal, amountBDesired); 662 | } 663 | } 664 | } 665 | 666 | function addLiquidity( 667 | address tokenA, 668 | address tokenB, 669 | uint256 amountADesired, 670 | uint256 amountBDesired, 671 | uint256 amountAMin, 672 | uint256 amountBMin, 673 | address to, 674 | uint256 deadline 675 | ) 676 | external 677 | virtual 678 | override 679 | ensure(deadline) 680 | returns ( 681 | uint256 amountA, 682 | uint256 amountB, 683 | uint256 liquidity 684 | ) 685 | { 686 | (amountA, amountB) = _addLiquidity( 687 | tokenA, 688 | tokenB, 689 | amountADesired, 690 | amountBDesired, 691 | amountAMin, 692 | amountBMin 693 | ); 694 | address pair = FusionXLibrary.pairFor(factory, tokenA, tokenB); 695 | TransferHelper.safeTransferFrom(tokenA, msg.sender, pair, amountA); 696 | TransferHelper.safeTransferFrom(tokenB, msg.sender, pair, amountB); 697 | liquidity = IFusionXPair(pair).mint(to); 698 | } 699 | 700 | function addLiquidityETH( 701 | address token, 702 | uint256 amountTokenDesired, 703 | uint256 amountTokenMin, 704 | uint256 amountETHMin, 705 | address to, 706 | uint256 deadline 707 | ) 708 | external 709 | payable 710 | virtual 711 | override 712 | ensure(deadline) 713 | returns ( 714 | uint256 amountToken, 715 | uint256 amountETH, 716 | uint256 liquidity 717 | ) 718 | { 719 | (amountToken, amountETH) = _addLiquidity( 720 | token, 721 | WETH, 722 | amountTokenDesired, 723 | msg.value, 724 | amountTokenMin, 725 | amountETHMin 726 | ); 727 | address pair = FusionXLibrary.pairFor(factory, token, WETH); 728 | TransferHelper.safeTransferFrom(token, msg.sender, pair, amountToken); 729 | IWETH(WETH).deposit{value: amountETH}(); 730 | assert(IWETH(WETH).transfer(pair, amountETH)); 731 | liquidity = IFusionXPair(pair).mint(to); 732 | // refund dust eth, if any 733 | if (msg.value > amountETH) 734 | TransferHelper.safeTransferETH(msg.sender, msg.value - amountETH); 735 | } 736 | 737 | // **** REMOVE LIQUIDITY **** 738 | function removeLiquidity( 739 | address tokenA, 740 | address tokenB, 741 | uint256 liquidity, 742 | uint256 amountAMin, 743 | uint256 amountBMin, 744 | address to, 745 | uint256 deadline 746 | ) 747 | public 748 | virtual 749 | override 750 | ensure(deadline) 751 | returns (uint256 amountA, uint256 amountB) 752 | { 753 | address pair = FusionXLibrary.pairFor(factory, tokenA, tokenB); 754 | IFusionXPair(pair).transferFrom(msg.sender, pair, liquidity); // send liquidity to pair 755 | (uint256 amount0, uint256 amount1) = IFusionXPair(pair).burn(to); 756 | (address token0, ) = FusionXLibrary.sortTokens(tokenA, tokenB); 757 | (amountA, amountB) = tokenA == token0 758 | ? (amount0, amount1) 759 | : (amount1, amount0); 760 | require(amountA >= amountAMin, "FusionXRouter: INSUFFICIENT_A_AMOUNT"); 761 | require(amountB >= amountBMin, "FusionXRouter: INSUFFICIENT_B_AMOUNT"); 762 | } 763 | 764 | function removeLiquidityETH( 765 | address token, 766 | uint256 liquidity, 767 | uint256 amountTokenMin, 768 | uint256 amountETHMin, 769 | address to, 770 | uint256 deadline 771 | ) 772 | public 773 | virtual 774 | override 775 | ensure(deadline) 776 | returns (uint256 amountToken, uint256 amountETH) 777 | { 778 | (amountToken, amountETH) = removeLiquidity( 779 | token, 780 | WETH, 781 | liquidity, 782 | amountTokenMin, 783 | amountETHMin, 784 | address(this), 785 | deadline 786 | ); 787 | TransferHelper.safeTransfer(token, to, amountToken); 788 | IWETH(WETH).withdraw(amountETH); 789 | TransferHelper.safeTransferETH(to, amountETH); 790 | } 791 | 792 | function removeLiquidityWithPermit( 793 | address tokenA, 794 | address tokenB, 795 | uint256 liquidity, 796 | uint256 amountAMin, 797 | uint256 amountBMin, 798 | address to, 799 | uint256 deadline, 800 | bool approveMax, 801 | uint8 v, 802 | bytes32 r, 803 | bytes32 s 804 | ) external virtual override returns (uint256 amountA, uint256 amountB) { 805 | address pair = FusionXLibrary.pairFor(factory, tokenA, tokenB); 806 | uint256 value = approveMax ? uint256(-1) : liquidity; 807 | IFusionXPair(pair).permit( 808 | msg.sender, 809 | address(this), 810 | value, 811 | deadline, 812 | v, 813 | r, 814 | s 815 | ); 816 | (amountA, amountB) = removeLiquidity( 817 | tokenA, 818 | tokenB, 819 | liquidity, 820 | amountAMin, 821 | amountBMin, 822 | to, 823 | deadline 824 | ); 825 | } 826 | 827 | function removeLiquidityETHWithPermit( 828 | address token, 829 | uint256 liquidity, 830 | uint256 amountTokenMin, 831 | uint256 amountETHMin, 832 | address to, 833 | uint256 deadline, 834 | bool approveMax, 835 | uint8 v, 836 | bytes32 r, 837 | bytes32 s 838 | ) 839 | external 840 | virtual 841 | override 842 | returns (uint256 amountToken, uint256 amountETH) 843 | { 844 | address pair = FusionXLibrary.pairFor(factory, token, WETH); 845 | uint256 value = approveMax ? uint256(-1) : liquidity; 846 | IFusionXPair(pair).permit( 847 | msg.sender, 848 | address(this), 849 | value, 850 | deadline, 851 | v, 852 | r, 853 | s 854 | ); 855 | (amountToken, amountETH) = removeLiquidityETH( 856 | token, 857 | liquidity, 858 | amountTokenMin, 859 | amountETHMin, 860 | to, 861 | deadline 862 | ); 863 | } 864 | 865 | // **** REMOVE LIQUIDITY (supporting fee-on-transfer tokens) **** 866 | function removeLiquidityETHSupportingFeeOnTransferTokens( 867 | address token, 868 | uint256 liquidity, 869 | uint256 amountTokenMin, 870 | uint256 amountETHMin, 871 | address to, 872 | uint256 deadline 873 | ) public virtual override ensure(deadline) returns (uint256 amountETH) { 874 | (, amountETH) = removeLiquidity( 875 | token, 876 | WETH, 877 | liquidity, 878 | amountTokenMin, 879 | amountETHMin, 880 | address(this), 881 | deadline 882 | ); 883 | TransferHelper.safeTransfer( 884 | token, 885 | to, 886 | IERC20(token).balanceOf(address(this)) 887 | ); 888 | IWETH(WETH).withdraw(amountETH); 889 | TransferHelper.safeTransferETH(to, amountETH); 890 | } 891 | 892 | function removeLiquidityETHWithPermitSupportingFeeOnTransferTokens( 893 | address token, 894 | uint256 liquidity, 895 | uint256 amountTokenMin, 896 | uint256 amountETHMin, 897 | address to, 898 | uint256 deadline, 899 | bool approveMax, 900 | uint8 v, 901 | bytes32 r, 902 | bytes32 s 903 | ) external virtual override returns (uint256 amountETH) { 904 | address pair = FusionXLibrary.pairFor(factory, token, WETH); 905 | uint256 value = approveMax ? uint256(-1) : liquidity; 906 | IFusionXPair(pair).permit( 907 | msg.sender, 908 | address(this), 909 | value, 910 | deadline, 911 | v, 912 | r, 913 | s 914 | ); 915 | amountETH = removeLiquidityETHSupportingFeeOnTransferTokens( 916 | token, 917 | liquidity, 918 | amountTokenMin, 919 | amountETHMin, 920 | to, 921 | deadline 922 | ); 923 | } 924 | 925 | // **** SWAP **** 926 | // requires the initial amount to have already been sent to the first pair 927 | function _swap( 928 | uint256[] memory amounts, 929 | address[] memory path, 930 | address _to 931 | ) internal virtual { 932 | for (uint256 i; i < path.length - 1; i++) { 933 | (address input, address output) = (path[i], path[i + 1]); 934 | (address token0, ) = FusionXLibrary.sortTokens(input, output); 935 | uint256 amountOut = amounts[i + 1]; 936 | (uint256 amount0Out, uint256 amount1Out) = input == token0 937 | ? (uint256(0), amountOut) 938 | : (amountOut, uint256(0)); 939 | address to = i < path.length - 2 940 | ? FusionXLibrary.pairFor(factory, output, path[i + 2]) 941 | : _to; 942 | IFusionXPair(FusionXLibrary.pairFor(factory, input, output)).swap( 943 | amount0Out, 944 | amount1Out, 945 | to, 946 | new bytes(0) 947 | ); 948 | } 949 | } 950 | 951 | function swapExactTokensForTokens( 952 | uint256 amountIn, 953 | uint256 amountOutMin, 954 | address[] calldata path, 955 | address to, 956 | uint256 deadline 957 | ) 958 | external 959 | virtual 960 | override 961 | ensure(deadline) 962 | returns (uint256[] memory amounts) 963 | { 964 | amounts = FusionXLibrary.getAmountsOut(factory, amountIn, path); 965 | require( 966 | amounts[amounts.length - 1] >= amountOutMin, 967 | "FusionXRouter: INSUFFICIENT_OUTPUT_AMOUNT" 968 | ); 969 | TransferHelper.safeTransferFrom( 970 | path[0], 971 | msg.sender, 972 | FusionXLibrary.pairFor(factory, path[0], path[1]), 973 | amounts[0] 974 | ); 975 | _swap(amounts, path, to); 976 | } 977 | 978 | function swapTokensForExactTokens( 979 | uint256 amountOut, 980 | uint256 amountInMax, 981 | address[] calldata path, 982 | address to, 983 | uint256 deadline 984 | ) 985 | external 986 | virtual 987 | override 988 | ensure(deadline) 989 | returns (uint256[] memory amounts) 990 | { 991 | amounts = FusionXLibrary.getAmountsIn(factory, amountOut, path); 992 | require( 993 | amounts[0] <= amountInMax, 994 | "FusionXRouter: EXCESSIVE_INPUT_AMOUNT" 995 | ); 996 | TransferHelper.safeTransferFrom( 997 | path[0], 998 | msg.sender, 999 | FusionXLibrary.pairFor(factory, path[0], path[1]), 1000 | amounts[0] 1001 | ); 1002 | _swap(amounts, path, to); 1003 | } 1004 | 1005 | function swapExactETHForTokens( 1006 | uint256 amountOutMin, 1007 | address[] calldata path, 1008 | address to, 1009 | uint256 deadline 1010 | ) 1011 | external 1012 | payable 1013 | virtual 1014 | override 1015 | ensure(deadline) 1016 | returns (uint256[] memory amounts) 1017 | { 1018 | require(path[0] == WETH, "FusionXRouter: INVALID_PATH"); 1019 | amounts = FusionXLibrary.getAmountsOut(factory, msg.value, path); 1020 | require( 1021 | amounts[amounts.length - 1] >= amountOutMin, 1022 | "FusionXRouter: INSUFFICIENT_OUTPUT_AMOUNT" 1023 | ); 1024 | IWETH(WETH).deposit{value: amounts[0]}(); 1025 | assert( 1026 | IWETH(WETH).transfer( 1027 | FusionXLibrary.pairFor(factory, path[0], path[1]), 1028 | amounts[0] 1029 | ) 1030 | ); 1031 | _swap(amounts, path, to); 1032 | } 1033 | 1034 | function swapTokensForExactETH( 1035 | uint256 amountOut, 1036 | uint256 amountInMax, 1037 | address[] calldata path, 1038 | address to, 1039 | uint256 deadline 1040 | ) 1041 | external 1042 | virtual 1043 | override 1044 | ensure(deadline) 1045 | returns (uint256[] memory amounts) 1046 | { 1047 | require(path[path.length - 1] == WETH, "FusionXRouter: INVALID_PATH"); 1048 | amounts = FusionXLibrary.getAmountsIn(factory, amountOut, path); 1049 | require( 1050 | amounts[0] <= amountInMax, 1051 | "FusionXRouter: EXCESSIVE_INPUT_AMOUNT" 1052 | ); 1053 | TransferHelper.safeTransferFrom( 1054 | path[0], 1055 | msg.sender, 1056 | FusionXLibrary.pairFor(factory, path[0], path[1]), 1057 | amounts[0] 1058 | ); 1059 | _swap(amounts, path, address(this)); 1060 | IWETH(WETH).withdraw(amounts[amounts.length - 1]); 1061 | TransferHelper.safeTransferETH(to, amounts[amounts.length - 1]); 1062 | } 1063 | 1064 | function swapExactTokensForETH( 1065 | uint256 amountIn, 1066 | uint256 amountOutMin, 1067 | address[] calldata path, 1068 | address to, 1069 | uint256 deadline 1070 | ) 1071 | external 1072 | virtual 1073 | override 1074 | ensure(deadline) 1075 | returns (uint256[] memory amounts) 1076 | { 1077 | require(path[path.length - 1] == WETH, "FusionXRouter: INVALID_PATH"); 1078 | amounts = FusionXLibrary.getAmountsOut(factory, amountIn, path); 1079 | require( 1080 | amounts[amounts.length - 1] >= amountOutMin, 1081 | "FusionXRouter: INSUFFICIENT_OUTPUT_AMOUNT" 1082 | ); 1083 | TransferHelper.safeTransferFrom( 1084 | path[0], 1085 | msg.sender, 1086 | FusionXLibrary.pairFor(factory, path[0], path[1]), 1087 | amounts[0] 1088 | ); 1089 | _swap(amounts, path, address(this)); 1090 | IWETH(WETH).withdraw(amounts[amounts.length - 1]); 1091 | TransferHelper.safeTransferETH(to, amounts[amounts.length - 1]); 1092 | } 1093 | 1094 | function swapETHForExactTokens( 1095 | uint256 amountOut, 1096 | address[] calldata path, 1097 | address to, 1098 | uint256 deadline 1099 | ) 1100 | external 1101 | payable 1102 | virtual 1103 | override 1104 | ensure(deadline) 1105 | returns (uint256[] memory amounts) 1106 | { 1107 | require(path[0] == WETH, "FusionXRouter: INVALID_PATH"); 1108 | amounts = FusionXLibrary.getAmountsIn(factory, amountOut, path); 1109 | require( 1110 | amounts[0] <= msg.value, 1111 | "FusionXRouter: EXCESSIVE_INPUT_AMOUNT" 1112 | ); 1113 | IWETH(WETH).deposit{value: amounts[0]}(); 1114 | assert( 1115 | IWETH(WETH).transfer( 1116 | FusionXLibrary.pairFor(factory, path[0], path[1]), 1117 | amounts[0] 1118 | ) 1119 | ); 1120 | _swap(amounts, path, to); 1121 | // refund dust eth, if any 1122 | if (msg.value > amounts[0]) 1123 | TransferHelper.safeTransferETH(msg.sender, msg.value - amounts[0]); 1124 | } 1125 | 1126 | // **** SWAP (supporting fee-on-transfer tokens) **** 1127 | // requires the initial amount to have already been sent to the first pair 1128 | function _swapSupportingFeeOnTransferTokens( 1129 | address[] memory path, 1130 | address _to 1131 | ) internal virtual { 1132 | for (uint256 i; i < path.length - 1; i++) { 1133 | (address input, address output) = (path[i], path[i + 1]); 1134 | (address token0, ) = FusionXLibrary.sortTokens(input, output); 1135 | IFusionXPair pair = IFusionXPair( 1136 | FusionXLibrary.pairFor(factory, input, output) 1137 | ); 1138 | uint256 amountInput; 1139 | uint256 amountOutput; 1140 | { 1141 | // scope to avoid stack too deep errors 1142 | (uint256 reserve0, uint256 reserve1, ) = pair.getReserves(); 1143 | (uint256 reserveInput, uint256 reserveOutput) = input == token0 1144 | ? (reserve0, reserve1) 1145 | : (reserve1, reserve0); 1146 | amountInput = IERC20(input).balanceOf(address(pair)).sub( 1147 | reserveInput 1148 | ); 1149 | amountOutput = FusionXLibrary.getAmountOut( 1150 | amountInput, 1151 | reserveInput, 1152 | reserveOutput 1153 | ); 1154 | } 1155 | (uint256 amount0Out, uint256 amount1Out) = input == token0 1156 | ? (uint256(0), amountOutput) 1157 | : (amountOutput, uint256(0)); 1158 | address to = i < path.length - 2 1159 | ? FusionXLibrary.pairFor(factory, output, path[i + 2]) 1160 | : _to; 1161 | pair.swap(amount0Out, amount1Out, to, new bytes(0)); 1162 | } 1163 | } 1164 | 1165 | function swapExactTokensForTokensSupportingFeeOnTransferTokens( 1166 | uint256 amountIn, 1167 | uint256 amountOutMin, 1168 | address[] calldata path, 1169 | address to, 1170 | uint256 deadline 1171 | ) external virtual override ensure(deadline) { 1172 | TransferHelper.safeTransferFrom( 1173 | path[0], 1174 | msg.sender, 1175 | FusionXLibrary.pairFor(factory, path[0], path[1]), 1176 | amountIn 1177 | ); 1178 | uint256 balanceBefore = IERC20(path[path.length - 1]).balanceOf(to); 1179 | _swapSupportingFeeOnTransferTokens(path, to); 1180 | require( 1181 | IERC20(path[path.length - 1]).balanceOf(to).sub(balanceBefore) >= 1182 | amountOutMin, 1183 | "FusionXRouter: INSUFFICIENT_OUTPUT_AMOUNT" 1184 | ); 1185 | } 1186 | 1187 | function swapExactETHForTokensSupportingFeeOnTransferTokens( 1188 | uint256 amountOutMin, 1189 | address[] calldata path, 1190 | address to, 1191 | uint256 deadline 1192 | ) external payable virtual override ensure(deadline) { 1193 | require(path[0] == WETH, "FusionXRouter: INVALID_PATH"); 1194 | uint256 amountIn = msg.value; 1195 | IWETH(WETH).deposit{value: amountIn}(); 1196 | assert( 1197 | IWETH(WETH).transfer( 1198 | FusionXLibrary.pairFor(factory, path[0], path[1]), 1199 | amountIn 1200 | ) 1201 | ); 1202 | uint256 balanceBefore = IERC20(path[path.length - 1]).balanceOf(to); 1203 | _swapSupportingFeeOnTransferTokens(path, to); 1204 | require( 1205 | IERC20(path[path.length - 1]).balanceOf(to).sub(balanceBefore) >= 1206 | amountOutMin, 1207 | "FusionXRouter: INSUFFICIENT_OUTPUT_AMOUNT" 1208 | ); 1209 | } 1210 | 1211 | function swapExactTokensForETHSupportingFeeOnTransferTokens( 1212 | uint256 amountIn, 1213 | uint256 amountOutMin, 1214 | address[] calldata path, 1215 | address to, 1216 | uint256 deadline 1217 | ) external virtual override ensure(deadline) { 1218 | require(path[path.length - 1] == WETH, "FusionXRouter: INVALID_PATH"); 1219 | TransferHelper.safeTransferFrom( 1220 | path[0], 1221 | msg.sender, 1222 | FusionXLibrary.pairFor(factory, path[0], path[1]), 1223 | amountIn 1224 | ); 1225 | _swapSupportingFeeOnTransferTokens(path, address(this)); 1226 | uint256 amountOut = IERC20(WETH).balanceOf(address(this)); 1227 | require( 1228 | amountOut >= amountOutMin, 1229 | "FusionXRouter: INSUFFICIENT_OUTPUT_AMOUNT" 1230 | ); 1231 | IWETH(WETH).withdraw(amountOut); 1232 | TransferHelper.safeTransferETH(to, amountOut); 1233 | } 1234 | 1235 | // **** LIBRARY FUNCTIONS **** 1236 | function quote( 1237 | uint256 amountA, 1238 | uint256 reserveA, 1239 | uint256 reserveB 1240 | ) public pure virtual override returns (uint256 amountB) { 1241 | return FusionXLibrary.quote(amountA, reserveA, reserveB); 1242 | } 1243 | 1244 | function getAmountOut( 1245 | uint256 amountIn, 1246 | uint256 reserveIn, 1247 | uint256 reserveOut 1248 | ) public pure virtual override returns (uint256 amountOut) { 1249 | return FusionXLibrary.getAmountOut(amountIn, reserveIn, reserveOut); 1250 | } 1251 | 1252 | function getAmountIn( 1253 | uint256 amountOut, 1254 | uint256 reserveIn, 1255 | uint256 reserveOut 1256 | ) public pure virtual override returns (uint256 amountIn) { 1257 | return FusionXLibrary.getAmountIn(amountOut, reserveIn, reserveOut); 1258 | } 1259 | 1260 | function getAmountsOut(uint256 amountIn, address[] memory path) 1261 | public 1262 | view 1263 | virtual 1264 | override 1265 | returns (uint256[] memory amounts) 1266 | { 1267 | return FusionXLibrary.getAmountsOut(factory, amountIn, path); 1268 | } 1269 | 1270 | function getAmountsIn(uint256 amountOut, address[] memory path) 1271 | public 1272 | view 1273 | virtual 1274 | override 1275 | returns (uint256[] memory amounts) 1276 | { 1277 | return FusionXLibrary.getAmountsIn(factory, amountOut, path); 1278 | } 1279 | } 1280 | -------------------------------------------------------------------------------- /FusionXToken.sol: -------------------------------------------------------------------------------- 1 | /** 2 | *Submitted for verification at BscScan.com on 2020-09-22 3 | */ 4 | 5 | pragma solidity 0.6.12; 6 | 7 | // 8 | /* 9 | * @dev Provides information about the current execution context, including the 10 | * sender of the transaction and its data. While these are generally available 11 | * via msg.sender and msg.data, they should not be accessed in such a direct 12 | * manner, since when dealing with GSN meta-transactions the account sending and 13 | * paying for execution may not be the actual sender (as far as an application 14 | * is concerned). 15 | * 16 | * This contract is only required for intermediate, library-like contracts. 17 | */ 18 | contract Context { 19 | // Empty internal constructor, to prevent people from mistakenly deploying 20 | // an instance of this contract, which should be used via inheritance. 21 | constructor() internal {} 22 | 23 | function _msgSender() internal view returns (address payable) { 24 | return msg.sender; 25 | } 26 | 27 | function _msgData() internal view returns (bytes memory) { 28 | this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691 29 | return msg.data; 30 | } 31 | } 32 | 33 | // 34 | /** 35 | * @dev Contract module which provides a basic access control mechanism, where 36 | * there is an account (an owner) that can be granted exclusive access to 37 | * specific functions. 38 | * 39 | * By default, the owner account will be the one that deploys the contract. This 40 | * can later be changed with {transferOwnership}. 41 | * 42 | * This module is used through inheritance. It will make available the modifier 43 | * `onlyOwner`, which can be applied to your functions to restrict their use to 44 | * the owner. 45 | */ 46 | contract Ownable is Context { 47 | address private _owner; 48 | 49 | event OwnershipTransferred( 50 | address indexed previousOwner, 51 | address indexed newOwner 52 | ); 53 | 54 | /** 55 | * @dev Initializes the contract setting the deployer as the initial owner. 56 | */ 57 | constructor() internal { 58 | address msgSender = _msgSender(); 59 | _owner = msgSender; 60 | emit OwnershipTransferred(address(0), msgSender); 61 | } 62 | 63 | /** 64 | * @dev Returns the address of the current owner. 65 | */ 66 | function owner() public view returns (address) { 67 | return _owner; 68 | } 69 | 70 | /** 71 | * @dev Throws if called by any account other than the owner. 72 | */ 73 | modifier onlyOwner() { 74 | require(_owner == _msgSender(), "Ownable: caller is not the owner"); 75 | _; 76 | } 77 | 78 | /** 79 | * @dev Leaves the contract without owner. It will not be possible to call 80 | * `onlyOwner` functions anymore. Can only be called by the current owner. 81 | * 82 | * NOTE: Renouncing ownership will leave the contract without an owner, 83 | * thereby removing any functionality that is only available to the owner. 84 | */ 85 | function renounceOwnership() public onlyOwner { 86 | emit OwnershipTransferred(_owner, address(0)); 87 | _owner = address(0); 88 | } 89 | 90 | /** 91 | * @dev Transfers ownership of the contract to a new account (`newOwner`). 92 | * Can only be called by the current owner. 93 | */ 94 | function transferOwnership(address newOwner) public onlyOwner { 95 | _transferOwnership(newOwner); 96 | } 97 | 98 | /** 99 | * @dev Transfers ownership of the contract to a new account (`newOwner`). 100 | */ 101 | function _transferOwnership(address newOwner) internal { 102 | require( 103 | newOwner != address(0), 104 | "Ownable: new owner is the zero address" 105 | ); 106 | emit OwnershipTransferred(_owner, newOwner); 107 | _owner = newOwner; 108 | } 109 | } 110 | 111 | // 112 | interface IERC20 { 113 | /** 114 | * @dev Returns the amount of tokens in existence. 115 | */ 116 | function totalSupply() external view returns (uint256); 117 | 118 | /** 119 | * @dev Returns the token decimals. 120 | */ 121 | function decimals() external view returns (uint8); 122 | 123 | /** 124 | * @dev Returns the token symbol. 125 | */ 126 | function symbol() external view returns (string memory); 127 | 128 | /** 129 | * @dev Returns the token name. 130 | */ 131 | function name() external view returns (string memory); 132 | 133 | /** 134 | * @dev Returns the bep token owner. 135 | */ 136 | function getOwner() external view returns (address); 137 | 138 | /** 139 | * @dev Returns the amount of tokens owned by `account`. 140 | */ 141 | function balanceOf(address account) external view returns (uint256); 142 | 143 | /** 144 | * @dev Moves `amount` tokens from the caller's account to `recipient`. 145 | * 146 | * Returns a boolean value indicating whether the operation succeeded. 147 | * 148 | * Emits a {Transfer} event. 149 | */ 150 | function transfer(address recipient, uint256 amount) 151 | external 152 | returns (bool); 153 | 154 | /** 155 | * @dev Returns the remaining number of tokens that `spender` will be 156 | * allowed to spend on behalf of `owner` through {transferFrom}. This is 157 | * zero by default. 158 | * 159 | * This value changes when {approve} or {transferFrom} are called. 160 | */ 161 | function allowance(address _owner, address spender) 162 | external 163 | view 164 | returns (uint256); 165 | 166 | /** 167 | * @dev Sets `amount` as the allowance of `spender` over the caller's tokens. 168 | * 169 | * Returns a boolean value indicating whether the operation succeeded. 170 | * 171 | * IMPORTANT: Beware that changing an allowance with this method brings the risk 172 | * that someone may use both the old and the new allowance by unfortunate 173 | * transaction ordering. One possible solution to mitigate this race 174 | * condition is to first reduce the spender's allowance to 0 and set the 175 | * desired value afterwards: 176 | * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729 177 | * 178 | * Emits an {Approval} event. 179 | */ 180 | function approve(address spender, uint256 amount) external returns (bool); 181 | 182 | /** 183 | * @dev Moves `amount` tokens from `sender` to `recipient` using the 184 | * allowance mechanism. `amount` is then deducted from the caller's 185 | * allowance. 186 | * 187 | * Returns a boolean value indicating whether the operation succeeded. 188 | * 189 | * Emits a {Transfer} event. 190 | */ 191 | function transferFrom( 192 | address sender, 193 | address recipient, 194 | uint256 amount 195 | ) external returns (bool); 196 | 197 | /** 198 | * @dev Emitted when `value` tokens are moved from one account (`from`) to 199 | * another (`to`). 200 | * 201 | * Note that `value` may be zero. 202 | */ 203 | event Transfer(address indexed from, address indexed to, uint256 value); 204 | 205 | /** 206 | * @dev Emitted when the allowance of a `spender` for an `owner` is set by 207 | * a call to {approve}. `value` is the new allowance. 208 | */ 209 | event Approval( 210 | address indexed owner, 211 | address indexed spender, 212 | uint256 value 213 | ); 214 | } 215 | 216 | // 217 | /** 218 | * @dev Wrappers over Solidity's arithmetic operations with added overflow 219 | * checks. 220 | * 221 | * Arithmetic operations in Solidity wrap on overflow. This can easily result 222 | * in bugs, because programmers usually assume that an overflow raises an 223 | * error, which is the standard behavior in high level programming languages. 224 | * `SafeMath` restores this intuition by reverting the transaction when an 225 | * operation overflows. 226 | * 227 | * Using this library instead of the unchecked operations eliminates an entire 228 | * class of bugs, so it's recommended to use it always. 229 | */ 230 | library SafeMath { 231 | /** 232 | * @dev Returns the addition of two unsigned integers, reverting on 233 | * overflow. 234 | * 235 | * Counterpart to Solidity's `+` operator. 236 | * 237 | * Requirements: 238 | * 239 | * - Addition cannot overflow. 240 | */ 241 | function add(uint256 a, uint256 b) internal pure returns (uint256) { 242 | uint256 c = a + b; 243 | require(c >= a, "SafeMath: addition overflow"); 244 | 245 | return c; 246 | } 247 | 248 | /** 249 | * @dev Returns the subtraction of two unsigned integers, reverting on 250 | * overflow (when the result is negative). 251 | * 252 | * Counterpart to Solidity's `-` operator. 253 | * 254 | * Requirements: 255 | * 256 | * - Subtraction cannot overflow. 257 | */ 258 | function sub(uint256 a, uint256 b) internal pure returns (uint256) { 259 | return sub(a, b, "SafeMath: subtraction overflow"); 260 | } 261 | 262 | /** 263 | * @dev Returns the subtraction of two unsigned integers, reverting with custom message on 264 | * overflow (when the result is negative). 265 | * 266 | * Counterpart to Solidity's `-` operator. 267 | * 268 | * Requirements: 269 | * 270 | * - Subtraction cannot overflow. 271 | */ 272 | function sub( 273 | uint256 a, 274 | uint256 b, 275 | string memory errorMessage 276 | ) internal pure returns (uint256) { 277 | require(b <= a, errorMessage); 278 | uint256 c = a - b; 279 | 280 | return c; 281 | } 282 | 283 | /** 284 | * @dev Returns the multiplication of two unsigned integers, reverting on 285 | * overflow. 286 | * 287 | * Counterpart to Solidity's `*` operator. 288 | * 289 | * Requirements: 290 | * 291 | * - Multiplication cannot overflow. 292 | */ 293 | function mul(uint256 a, uint256 b) internal pure returns (uint256) { 294 | // Gas optimization: this is cheaper than requiring 'a' not being zero, but the 295 | // benefit is lost if 'b' is also tested. 296 | // See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522 297 | if (a == 0) { 298 | return 0; 299 | } 300 | 301 | uint256 c = a * b; 302 | require(c / a == b, "SafeMath: multiplication overflow"); 303 | 304 | return c; 305 | } 306 | 307 | /** 308 | * @dev Returns the integer division of two unsigned integers. Reverts on 309 | * division by zero. The result is rounded towards zero. 310 | * 311 | * Counterpart to Solidity's `/` operator. Note: this function uses a 312 | * `revert` opcode (which leaves remaining gas untouched) while Solidity 313 | * uses an invalid opcode to revert (consuming all remaining gas). 314 | * 315 | * Requirements: 316 | * 317 | * - The divisor cannot be zero. 318 | */ 319 | function div(uint256 a, uint256 b) internal pure returns (uint256) { 320 | return div(a, b, "SafeMath: division by zero"); 321 | } 322 | 323 | /** 324 | * @dev Returns the integer division of two unsigned integers. Reverts with custom message on 325 | * division by zero. The result is rounded towards zero. 326 | * 327 | * Counterpart to Solidity's `/` operator. Note: this function uses a 328 | * `revert` opcode (which leaves remaining gas untouched) while Solidity 329 | * uses an invalid opcode to revert (consuming all remaining gas). 330 | * 331 | * Requirements: 332 | * 333 | * - The divisor cannot be zero. 334 | */ 335 | function div( 336 | uint256 a, 337 | uint256 b, 338 | string memory errorMessage 339 | ) internal pure returns (uint256) { 340 | require(b > 0, errorMessage); 341 | uint256 c = a / b; 342 | // assert(a == b * c + a % b); // There is no case in which this doesn't hold 343 | 344 | return c; 345 | } 346 | 347 | /** 348 | * @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo), 349 | * Reverts when dividing by zero. 350 | * 351 | * Counterpart to Solidity's `%` operator. This function uses a `revert` 352 | * opcode (which leaves remaining gas untouched) while Solidity uses an 353 | * invalid opcode to revert (consuming all remaining gas). 354 | * 355 | * Requirements: 356 | * 357 | * - The divisor cannot be zero. 358 | */ 359 | function mod(uint256 a, uint256 b) internal pure returns (uint256) { 360 | return mod(a, b, "SafeMath: modulo by zero"); 361 | } 362 | 363 | /** 364 | * @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo), 365 | * Reverts with custom message when dividing by zero. 366 | * 367 | * Counterpart to Solidity's `%` operator. This function uses a `revert` 368 | * opcode (which leaves remaining gas untouched) while Solidity uses an 369 | * invalid opcode to revert (consuming all remaining gas). 370 | * 371 | * Requirements: 372 | * 373 | * - The divisor cannot be zero. 374 | */ 375 | function mod( 376 | uint256 a, 377 | uint256 b, 378 | string memory errorMessage 379 | ) internal pure returns (uint256) { 380 | require(b != 0, errorMessage); 381 | return a % b; 382 | } 383 | 384 | function min(uint256 x, uint256 y) internal pure returns (uint256 z) { 385 | z = x < y ? x : y; 386 | } 387 | 388 | // babylonian method (https://en.wikipedia.org/wiki/Methods_of_computing_square_roots#Babylonian_method) 389 | function sqrt(uint256 y) internal pure returns (uint256 z) { 390 | if (y > 3) { 391 | z = y; 392 | uint256 x = y / 2 + 1; 393 | while (x < z) { 394 | z = x; 395 | x = (y / x + x) / 2; 396 | } 397 | } else if (y != 0) { 398 | z = 1; 399 | } 400 | } 401 | } 402 | 403 | // 404 | /** 405 | * @dev Collection of functions related to the address type 406 | */ 407 | library Address { 408 | /** 409 | * @dev Returns true if `account` is a contract. 410 | * 411 | * [IMPORTANT] 412 | * ==== 413 | * It is unsafe to assume that an address for which this function returns 414 | * false is an externally-owned account (EOA) and not a contract. 415 | * 416 | * Among others, `isContract` will return false for the following 417 | * types of addresses: 418 | * 419 | * - an externally-owned account 420 | * - a contract in construction 421 | * - an address where a contract will be created 422 | * - an address where a contract lived, but was destroyed 423 | * ==== 424 | */ 425 | function isContract(address account) internal view returns (bool) { 426 | // According to EIP-1052, 0x0 is the value returned for not-yet created accounts 427 | // and 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470 is returned 428 | // for accounts without code, i.e. `keccak256('')` 429 | bytes32 codehash; 430 | bytes32 accountHash = 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470; 431 | // solhint-disable-next-line no-inline-assembly 432 | assembly { 433 | codehash := extcodehash(account) 434 | } 435 | return (codehash != accountHash && codehash != 0x0); 436 | } 437 | 438 | /** 439 | * @dev Replacement for Solidity's `transfer`: sends `amount` wei to 440 | * `recipient`, forwarding all available gas and reverting on errors. 441 | * 442 | * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost 443 | * of certain opcodes, possibly making contracts go over the 2300 gas limit 444 | * imposed by `transfer`, making them unable to receive funds via 445 | * `transfer`. {sendValue} removes this limitation. 446 | * 447 | * https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more]. 448 | * 449 | * IMPORTANT: because control is transferred to `recipient`, care must be 450 | * taken to not create reentrancy vulnerabilities. Consider using 451 | * {ReentrancyGuard} or the 452 | * https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern]. 453 | */ 454 | function sendValue(address payable recipient, uint256 amount) internal { 455 | require( 456 | address(this).balance >= amount, 457 | "Address: insufficient balance" 458 | ); 459 | 460 | // solhint-disable-next-line avoid-low-level-calls, avoid-call-value 461 | (bool success, ) = recipient.call{value: amount}(""); 462 | require( 463 | success, 464 | "Address: unable to send value, recipient may have reverted" 465 | ); 466 | } 467 | 468 | /** 469 | * @dev Performs a Solidity function call using a low level `call`. A 470 | * plain`call` is an unsafe replacement for a function call: use this 471 | * function instead. 472 | * 473 | * If `target` reverts with a revert reason, it is bubbled up by this 474 | * function (like regular Solidity function calls). 475 | * 476 | * Returns the raw returned data. To convert to the expected return value, 477 | * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`]. 478 | * 479 | * Requirements: 480 | * 481 | * - `target` must be a contract. 482 | * - calling `target` with `data` must not revert. 483 | * 484 | * _Available since v3.1._ 485 | */ 486 | function functionCall(address target, bytes memory data) 487 | internal 488 | returns (bytes memory) 489 | { 490 | return functionCall(target, data, "Address: low-level call failed"); 491 | } 492 | 493 | /** 494 | * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with 495 | * `errorMessage` as a fallback revert reason when `target` reverts. 496 | * 497 | * _Available since v3.1._ 498 | */ 499 | function functionCall( 500 | address target, 501 | bytes memory data, 502 | string memory errorMessage 503 | ) internal returns (bytes memory) { 504 | return _functionCallWithValue(target, data, 0, errorMessage); 505 | } 506 | 507 | /** 508 | * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], 509 | * but also transferring `value` wei to `target`. 510 | * 511 | * Requirements: 512 | * 513 | * - the calling contract must have an ETH balance of at least `value`. 514 | * - the called Solidity function must be `payable`. 515 | * 516 | * _Available since v3.1._ 517 | */ 518 | function functionCallWithValue( 519 | address target, 520 | bytes memory data, 521 | uint256 value 522 | ) internal returns (bytes memory) { 523 | return 524 | functionCallWithValue( 525 | target, 526 | data, 527 | value, 528 | "Address: low-level call with value failed" 529 | ); 530 | } 531 | 532 | /** 533 | * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but 534 | * with `errorMessage` as a fallback revert reason when `target` reverts. 535 | * 536 | * _Available since v3.1._ 537 | */ 538 | function functionCallWithValue( 539 | address target, 540 | bytes memory data, 541 | uint256 value, 542 | string memory errorMessage 543 | ) internal returns (bytes memory) { 544 | require( 545 | address(this).balance >= value, 546 | "Address: insufficient balance for call" 547 | ); 548 | return _functionCallWithValue(target, data, value, errorMessage); 549 | } 550 | 551 | function _functionCallWithValue( 552 | address target, 553 | bytes memory data, 554 | uint256 weiValue, 555 | string memory errorMessage 556 | ) private returns (bytes memory) { 557 | require(isContract(target), "Address: call to non-contract"); 558 | 559 | // solhint-disable-next-line avoid-low-level-calls 560 | (bool success, bytes memory returndata) = target.call{value: weiValue}( 561 | data 562 | ); 563 | if (success) { 564 | return returndata; 565 | } else { 566 | // Look for revert reason and bubble it up if present 567 | if (returndata.length > 0) { 568 | // The easiest way to bubble the revert reason is using memory via assembly 569 | 570 | // solhint-disable-next-line no-inline-assembly 571 | assembly { 572 | let returndata_size := mload(returndata) 573 | revert(add(32, returndata), returndata_size) 574 | } 575 | } else { 576 | revert(errorMessage); 577 | } 578 | } 579 | } 580 | } 581 | 582 | // 583 | /** 584 | * @dev Implementation of the {IERC20} interface. 585 | * 586 | * This implementation is agnostic to the way tokens are created. This means 587 | * that a supply mechanism has to be added in a derived contract using {_mint}. 588 | * For a generic mechanism see {ERC20PresetMinterPauser}. 589 | * 590 | * TIP: For a detailed writeup see our guide 591 | * https://forum.zeppelin.solutions/t/how-to-implement-ERC20-supply-mechanisms/226[How 592 | * to implement supply mechanisms]. 593 | * 594 | * We have followed general OpenZeppelin guidelines: functions revert instead 595 | * of returning `false` on failure. This behavior is nonetheless conventional 596 | * and does not conflict with the expectations of ERC20 applications. 597 | * 598 | * Additionally, an {Approval} event is emitted on calls to {transferFrom}. 599 | * This allows applications to reconstruct the allowance for all accounts just 600 | * by listening to said events. Other implementations of the EIP may not emit 601 | * these events, as it isn't required by the specification. 602 | * 603 | * Finally, the non-standard {decreaseAllowance} and {increaseAllowance} 604 | * functions have been added to mitigate the well-known issues around setting 605 | * allowances. See {IERC20-approve}. 606 | */ 607 | contract ERC20 is Context, IERC20, Ownable { 608 | using SafeMath for uint256; 609 | using Address for address; 610 | 611 | mapping(address => uint256) private _balances; 612 | 613 | mapping(address => mapping(address => uint256)) private _allowances; 614 | 615 | uint256 private _totalSupply; 616 | 617 | string private _name; 618 | string private _symbol; 619 | uint8 private _decimals; 620 | 621 | /** 622 | * @dev Sets the values for {name} and {symbol}, initializes {decimals} with 623 | * a default value of 18. 624 | * 625 | * To select a different value for {decimals}, use {_setupDecimals}. 626 | * 627 | * All three of these values are immutable: they can only be set once during 628 | * construction. 629 | */ 630 | constructor(string memory name, string memory symbol) public { 631 | _name = name; 632 | _symbol = symbol; 633 | _decimals = 18; 634 | } 635 | 636 | /** 637 | * @dev Returns the bep token owner. 638 | */ 639 | function getOwner() external view override returns (address) { 640 | return owner(); 641 | } 642 | 643 | /** 644 | * @dev Returns the token name. 645 | */ 646 | function name() public view override returns (string memory) { 647 | return _name; 648 | } 649 | 650 | /** 651 | * @dev Returns the token decimals. 652 | */ 653 | function decimals() public view override returns (uint8) { 654 | return _decimals; 655 | } 656 | 657 | /** 658 | * @dev Returns the token symbol. 659 | */ 660 | function symbol() public view override returns (string memory) { 661 | return _symbol; 662 | } 663 | 664 | /** 665 | * @dev See {ERC20-totalSupply}. 666 | */ 667 | function totalSupply() public view override returns (uint256) { 668 | return _totalSupply; 669 | } 670 | 671 | /** 672 | * @dev See {ERC20-balanceOf}. 673 | */ 674 | function balanceOf(address account) public view override returns (uint256) { 675 | return _balances[account]; 676 | } 677 | 678 | /** 679 | * @dev See {ERC20-transfer}. 680 | * 681 | * Requirements: 682 | * 683 | * - `recipient` cannot be the zero address. 684 | * - the caller must have a balance of at least `amount`. 685 | */ 686 | function transfer(address recipient, uint256 amount) 687 | public 688 | override 689 | returns (bool) 690 | { 691 | _transfer(_msgSender(), recipient, amount); 692 | return true; 693 | } 694 | 695 | /** 696 | * @dev See {ERC20-allowance}. 697 | */ 698 | function allowance(address owner, address spender) 699 | public 700 | view 701 | override 702 | returns (uint256) 703 | { 704 | return _allowances[owner][spender]; 705 | } 706 | 707 | /** 708 | * @dev See {ERC20-approve}. 709 | * 710 | * Requirements: 711 | * 712 | * - `spender` cannot be the zero address. 713 | */ 714 | function approve(address spender, uint256 amount) 715 | public 716 | override 717 | returns (bool) 718 | { 719 | _approve(_msgSender(), spender, amount); 720 | return true; 721 | } 722 | 723 | /** 724 | * @dev See {ERC20-transferFrom}. 725 | * 726 | * Emits an {Approval} event indicating the updated allowance. This is not 727 | * required by the EIP. See the note at the beginning of {ERC20}; 728 | * 729 | * Requirements: 730 | * - `sender` and `recipient` cannot be the zero address. 731 | * - `sender` must have a balance of at least `amount`. 732 | * - the caller must have allowance for `sender`'s tokens of at least 733 | * `amount`. 734 | */ 735 | function transferFrom( 736 | address sender, 737 | address recipient, 738 | uint256 amount 739 | ) public override returns (bool) { 740 | _transfer(sender, recipient, amount); 741 | _approve( 742 | sender, 743 | _msgSender(), 744 | _allowances[sender][_msgSender()].sub( 745 | amount, 746 | "ERC20: transfer amount exceeds allowance" 747 | ) 748 | ); 749 | return true; 750 | } 751 | 752 | /** 753 | * @dev Atomically increases the allowance granted to `spender` by the caller. 754 | * 755 | * This is an alternative to {approve} that can be used as a mitigation for 756 | * problems described in {ERC20-approve}. 757 | * 758 | * Emits an {Approval} event indicating the updated allowance. 759 | * 760 | * Requirements: 761 | * 762 | * - `spender` cannot be the zero address. 763 | */ 764 | function increaseAllowance(address spender, uint256 addedValue) 765 | public 766 | returns (bool) 767 | { 768 | _approve( 769 | _msgSender(), 770 | spender, 771 | _allowances[_msgSender()][spender].add(addedValue) 772 | ); 773 | return true; 774 | } 775 | 776 | /** 777 | * @dev Atomically decreases the allowance granted to `spender` by the caller. 778 | * 779 | * This is an alternative to {approve} that can be used as a mitigation for 780 | * problems described in {ERC20-approve}. 781 | * 782 | * Emits an {Approval} event indicating the updated allowance. 783 | * 784 | * Requirements: 785 | * 786 | * - `spender` cannot be the zero address. 787 | * - `spender` must have allowance for the caller of at least 788 | * `subtractedValue`. 789 | */ 790 | function decreaseAllowance(address spender, uint256 subtractedValue) 791 | public 792 | returns (bool) 793 | { 794 | _approve( 795 | _msgSender(), 796 | spender, 797 | _allowances[_msgSender()][spender].sub( 798 | subtractedValue, 799 | "ERC20: decreased allowance below zero" 800 | ) 801 | ); 802 | return true; 803 | } 804 | 805 | /** 806 | * @dev Creates `amount` tokens and assigns them to `msg.sender`, increasing 807 | * the total supply. 808 | * 809 | * Requirements 810 | * 811 | * - `msg.sender` must be the token owner 812 | */ 813 | function mint(uint256 amount) public onlyOwner returns (bool) { 814 | _mint(_msgSender(), amount); 815 | return true; 816 | } 817 | 818 | /** 819 | * @dev Moves tokens `amount` from `sender` to `recipient`. 820 | * 821 | * This is internal function is equivalent to {transfer}, and can be used to 822 | * e.g. implement automatic token fees, slashing mechanisms, etc. 823 | * 824 | * Emits a {Transfer} event. 825 | * 826 | * Requirements: 827 | * 828 | * - `sender` cannot be the zero address. 829 | * - `recipient` cannot be the zero address. 830 | * - `sender` must have a balance of at least `amount`. 831 | */ 832 | function _transfer( 833 | address sender, 834 | address recipient, 835 | uint256 amount 836 | ) internal { 837 | require(sender != address(0), "ERC20: transfer from the zero address"); 838 | require(recipient != address(0), "ERC20: transfer to the zero address"); 839 | 840 | _balances[sender] = _balances[sender].sub( 841 | amount, 842 | "ERC20: transfer amount exceeds balance" 843 | ); 844 | _balances[recipient] = _balances[recipient].add(amount); 845 | emit Transfer(sender, recipient, amount); 846 | } 847 | 848 | /** @dev Creates `amount` tokens and assigns them to `account`, increasing 849 | * the total supply. 850 | * 851 | * Emits a {Transfer} event with `from` set to the zero address. 852 | * 853 | * Requirements 854 | * 855 | * - `to` cannot be the zero address. 856 | */ 857 | function _mint(address account, uint256 amount) internal { 858 | require(account != address(0), "ERC20: mint to the zero address"); 859 | 860 | _totalSupply = _totalSupply.add(amount); 861 | _balances[account] = _balances[account].add(amount); 862 | emit Transfer(address(0), account, amount); 863 | } 864 | 865 | /** 866 | * @dev Destroys `amount` tokens from `account`, reducing the 867 | * total supply. 868 | * 869 | * Emits a {Transfer} event with `to` set to the zero address. 870 | * 871 | * Requirements 872 | * 873 | * - `account` cannot be the zero address. 874 | * - `account` must have at least `amount` tokens. 875 | */ 876 | function _burn(address account, uint256 amount) internal { 877 | require(account != address(0), "ERC20: burn from the zero address"); 878 | 879 | _balances[account] = _balances[account].sub( 880 | amount, 881 | "ERC20: burn amount exceeds balance" 882 | ); 883 | _totalSupply = _totalSupply.sub(amount); 884 | emit Transfer(account, address(0), amount); 885 | } 886 | 887 | /** 888 | * @dev Sets `amount` as the allowance of `spender` over the `owner`s tokens. 889 | * 890 | * This is internal function is equivalent to `approve`, and can be used to 891 | * e.g. set automatic allowances for certain subsystems, etc. 892 | * 893 | * Emits an {Approval} event. 894 | * 895 | * Requirements: 896 | * 897 | * - `owner` cannot be the zero address. 898 | * - `spender` cannot be the zero address. 899 | */ 900 | function _approve( 901 | address owner, 902 | address spender, 903 | uint256 amount 904 | ) internal { 905 | require(owner != address(0), "ERC20: approve from the zero address"); 906 | require(spender != address(0), "ERC20: approve to the zero address"); 907 | 908 | _allowances[owner][spender] = amount; 909 | emit Approval(owner, spender, amount); 910 | } 911 | 912 | /** 913 | * @dev Destroys `amount` tokens from `account`.`amount` is then deducted 914 | * from the caller's allowance. 915 | * 916 | * See {_burn} and {_approve}. 917 | */ 918 | function _burnFrom(address account, uint256 amount) internal { 919 | _burn(account, amount); 920 | _approve( 921 | account, 922 | _msgSender(), 923 | _allowances[account][_msgSender()].sub( 924 | amount, 925 | "ERC20: burn amount exceeds allowance" 926 | ) 927 | ); 928 | } 929 | } 930 | 931 | // FusionXToken with Governance. 932 | contract FusionXToken is ERC20("FusionX", "FSX") { 933 | /// @notice Creates `_amount` token to `_to`. Must only be called by the owner (MasterChef). 934 | function mint(address _to, uint256 _amount) public onlyOwner { 935 | _mint(_to, _amount); 936 | _moveDelegates(address(0), _delegates[_to], _amount); 937 | } 938 | 939 | // Copied and modified from YAM code: 940 | // https://github.com/yam-finance/yam-protocol/blob/master/contracts/token/YAMGovernanceStorage.sol 941 | // https://github.com/yam-finance/yam-protocol/blob/master/contracts/token/YAMGovernance.sol 942 | // Which is copied and modified from COMPOUND: 943 | // https://github.com/compound-finance/compound-protocol/blob/master/contracts/Governance/Comp.sol 944 | 945 | /// @notice A record of each accounts delegate 946 | mapping(address => address) internal _delegates; 947 | 948 | /// @notice A checkpoint for marking number of votes from a given block 949 | struct Checkpoint { 950 | uint32 fromBlock; 951 | uint256 votes; 952 | } 953 | 954 | /// @notice A record of votes checkpoints for each account, by index 955 | mapping(address => mapping(uint32 => Checkpoint)) public checkpoints; 956 | 957 | /// @notice The number of checkpoints for each account 958 | mapping(address => uint32) public numCheckpoints; 959 | 960 | /// @notice The EIP-712 typehash for the contract's domain 961 | bytes32 public constant DOMAIN_TYPEHASH = 962 | keccak256( 963 | "EIP712Domain(string name,uint256 chainId,address verifyingContract)" 964 | ); 965 | 966 | /// @notice The EIP-712 typehash for the delegation struct used by the contract 967 | bytes32 public constant DELEGATION_TYPEHASH = 968 | keccak256("Delegation(address delegatee,uint256 nonce,uint256 expiry)"); 969 | 970 | /// @notice A record of states for signing / validating signatures 971 | mapping(address => uint256) public nonces; 972 | 973 | /// @notice An event thats emitted when an account changes its delegate 974 | event DelegateChanged( 975 | address indexed delegator, 976 | address indexed fromDelegate, 977 | address indexed toDelegate 978 | ); 979 | 980 | /// @notice An event thats emitted when a delegate account's vote balance changes 981 | event DelegateVotesChanged( 982 | address indexed delegate, 983 | uint256 previousBalance, 984 | uint256 newBalance 985 | ); 986 | 987 | /** 988 | * @notice Delegate votes from `msg.sender` to `delegatee` 989 | * @param delegator The address to get delegatee for 990 | */ 991 | function delegates(address delegator) external view returns (address) { 992 | return _delegates[delegator]; 993 | } 994 | 995 | /** 996 | * @notice Delegate votes from `msg.sender` to `delegatee` 997 | * @param delegatee The address to delegate votes to 998 | */ 999 | function delegate(address delegatee) external { 1000 | return _delegate(msg.sender, delegatee); 1001 | } 1002 | 1003 | /** 1004 | * @notice Delegates votes from signatory to `delegatee` 1005 | * @param delegatee The address to delegate votes to 1006 | * @param nonce The contract state required to match the signature 1007 | * @param expiry The time at which to expire the signature 1008 | * @param v The recovery byte of the signature 1009 | * @param r Half of the ECDSA signature pair 1010 | * @param s Half of the ECDSA signature pair 1011 | */ 1012 | function delegateBySig( 1013 | address delegatee, 1014 | uint256 nonce, 1015 | uint256 expiry, 1016 | uint8 v, 1017 | bytes32 r, 1018 | bytes32 s 1019 | ) external { 1020 | bytes32 domainSeparator = keccak256( 1021 | abi.encode( 1022 | DOMAIN_TYPEHASH, 1023 | keccak256(bytes(name())), 1024 | getChainId(), 1025 | address(this) 1026 | ) 1027 | ); 1028 | 1029 | bytes32 structHash = keccak256( 1030 | abi.encode(DELEGATION_TYPEHASH, delegatee, nonce, expiry) 1031 | ); 1032 | 1033 | bytes32 digest = keccak256( 1034 | abi.encodePacked("\x19\x01", domainSeparator, structHash) 1035 | ); 1036 | 1037 | address signatory = ecrecover(digest, v, r, s); 1038 | require( 1039 | signatory != address(0), 1040 | "FusionX::delegateBySig: invalid signature" 1041 | ); 1042 | require( 1043 | nonce == nonces[signatory]++, 1044 | "FusionX::delegateBySig: invalid nonce" 1045 | ); 1046 | require(now <= expiry, "FusionX::delegateBySig: signature expired"); 1047 | return _delegate(signatory, delegatee); 1048 | } 1049 | 1050 | /** 1051 | * @notice Gets the current votes balance for `account` 1052 | * @param account The address to get votes balance 1053 | * @return The number of current votes for `account` 1054 | */ 1055 | function getCurrentVotes(address account) external view returns (uint256) { 1056 | uint32 nCheckpoints = numCheckpoints[account]; 1057 | return 1058 | nCheckpoints > 0 ? checkpoints[account][nCheckpoints - 1].votes : 0; 1059 | } 1060 | 1061 | /** 1062 | * @notice Determine the prior number of votes for an account as of a block number 1063 | * @dev Block number must be a finalized block or else this function will revert to prevent misinformation. 1064 | * @param account The address of the account to check 1065 | * @param blockNumber The block number to get the vote balance at 1066 | * @return The number of votes the account had as of the given block 1067 | */ 1068 | function getPriorVotes(address account, uint256 blockNumber) 1069 | external 1070 | view 1071 | returns (uint256) 1072 | { 1073 | require( 1074 | blockNumber < block.number, 1075 | "FusionX::getPriorVotes: not yet determined" 1076 | ); 1077 | 1078 | uint32 nCheckpoints = numCheckpoints[account]; 1079 | if (nCheckpoints == 0) { 1080 | return 0; 1081 | } 1082 | 1083 | // First check most recent balance 1084 | if (checkpoints[account][nCheckpoints - 1].fromBlock <= blockNumber) { 1085 | return checkpoints[account][nCheckpoints - 1].votes; 1086 | } 1087 | 1088 | // Next check implicit zero balance 1089 | if (checkpoints[account][0].fromBlock > blockNumber) { 1090 | return 0; 1091 | } 1092 | 1093 | uint32 lower = 0; 1094 | uint32 upper = nCheckpoints - 1; 1095 | while (upper > lower) { 1096 | uint32 center = upper - (upper - lower) / 2; // ceil, avoiding overflow 1097 | Checkpoint memory cp = checkpoints[account][center]; 1098 | if (cp.fromBlock == blockNumber) { 1099 | return cp.votes; 1100 | } else if (cp.fromBlock < blockNumber) { 1101 | lower = center; 1102 | } else { 1103 | upper = center - 1; 1104 | } 1105 | } 1106 | return checkpoints[account][lower].votes; 1107 | } 1108 | 1109 | function _delegate(address delegator, address delegatee) internal { 1110 | address currentDelegate = _delegates[delegator]; 1111 | uint256 delegatorBalance = balanceOf(delegator); // balance of underlying FSXs (not scaled); 1112 | _delegates[delegator] = delegatee; 1113 | 1114 | emit DelegateChanged(delegator, currentDelegate, delegatee); 1115 | 1116 | _moveDelegates(currentDelegate, delegatee, delegatorBalance); 1117 | } 1118 | 1119 | function _moveDelegates( 1120 | address srcRep, 1121 | address dstRep, 1122 | uint256 amount 1123 | ) internal { 1124 | if (srcRep != dstRep && amount > 0) { 1125 | if (srcRep != address(0)) { 1126 | // decrease old representative 1127 | uint32 srcRepNum = numCheckpoints[srcRep]; 1128 | uint256 srcRepOld = srcRepNum > 0 1129 | ? checkpoints[srcRep][srcRepNum - 1].votes 1130 | : 0; 1131 | uint256 srcRepNew = srcRepOld.sub(amount); 1132 | _writeCheckpoint(srcRep, srcRepNum, srcRepOld, srcRepNew); 1133 | } 1134 | 1135 | if (dstRep != address(0)) { 1136 | // increase new representative 1137 | uint32 dstRepNum = numCheckpoints[dstRep]; 1138 | uint256 dstRepOld = dstRepNum > 0 1139 | ? checkpoints[dstRep][dstRepNum - 1].votes 1140 | : 0; 1141 | uint256 dstRepNew = dstRepOld.add(amount); 1142 | _writeCheckpoint(dstRep, dstRepNum, dstRepOld, dstRepNew); 1143 | } 1144 | } 1145 | } 1146 | 1147 | function _writeCheckpoint( 1148 | address delegatee, 1149 | uint32 nCheckpoints, 1150 | uint256 oldVotes, 1151 | uint256 newVotes 1152 | ) internal { 1153 | uint32 blockNumber = safe32( 1154 | block.number, 1155 | "FusionX::_writeCheckpoint: block number exceeds 32 bits" 1156 | ); 1157 | 1158 | if ( 1159 | nCheckpoints > 0 && 1160 | checkpoints[delegatee][nCheckpoints - 1].fromBlock == blockNumber 1161 | ) { 1162 | checkpoints[delegatee][nCheckpoints - 1].votes = newVotes; 1163 | } else { 1164 | checkpoints[delegatee][nCheckpoints] = Checkpoint( 1165 | blockNumber, 1166 | newVotes 1167 | ); 1168 | numCheckpoints[delegatee] = nCheckpoints + 1; 1169 | } 1170 | 1171 | emit DelegateVotesChanged(delegatee, oldVotes, newVotes); 1172 | } 1173 | 1174 | function safe32(uint256 n, string memory errorMessage) 1175 | internal 1176 | pure 1177 | returns (uint32) 1178 | { 1179 | require(n < 2**32, errorMessage); 1180 | return uint32(n); 1181 | } 1182 | 1183 | function getChainId() internal pure returns (uint256) { 1184 | uint256 chainId; 1185 | assembly { 1186 | chainId := chainid() 1187 | } 1188 | return chainId; 1189 | } 1190 | } 1191 | --------------------------------------------------------------------------------