APE Balance
APE Value
$0.00More Info
Private Name Tags
Multichain Info
No addresses found
Contract Name:
Compiler Version
Optimization Enabled:
Yes with 200 runs
Other Settings:
default evmVersion
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: MIT // ArchetypeLogic v0.7.0 // // d8888 888 888 // d88888 888 888 // d88P888 888 888 // d88P 888 888d888 .d8888b 88888b. .d88b. 888888 888 888 88888b. .d88b. // d88P 888 888P" d88P" 888 "88b d8P Y8b 888 888 888 888 "88b d8P Y8b // d88P 888 888 888 888 888 88888888 888 888 888 888 888 88888888 // d8888888888 888 Y88b. 888 888 Y8b. Y88b. Y88b 888 888 d88P Y8b. // d88P 888 888 "Y8888P 888 888 "Y8888 "Y888 "Y88888 88888P" "Y8888 // 888 888 // Y8b d88P 888 // "Y88P" 888 pragma solidity ^0.8.4; import "./ArchetypePayouts.sol"; import "@openzeppelin/contracts/token/ERC721/IERC721.sol"; import "@openzeppelin/contracts/token/ERC20/IERC20.sol"; import "solady/src/utils/MerkleProofLib.sol"; import "solady/src/utils/ECDSA.sol"; error InvalidConfig(); error MintNotYetStarted(); error MintEnded(); error WalletUnauthorizedToMint(); error InsufficientEthSent(); error ExcessiveEthSent(); error Erc20BalanceTooLow(); error MaxSupplyExceeded(); error ListMaxSupplyExceeded(); error NumberOfMintsExceeded(); error MintingPaused(); error InvalidReferral(); error InvalidSignature(); error MaxBatchSizeExceeded(); error BurnToMintDisabled(); error NotTokenOwner(); error NotPlatform(); error NotOwner(); error NotShareholder(); error NotApprovedToTransfer(); error InvalidAmountOfTokens(); error WrongPassword(); error LockedForever(); error Blacklisted(); // // STRUCTS // struct Auth { bytes32 key; bytes32[] proof; } struct MintTier { uint16 numMints; uint16 mintDiscount; //BPS } struct Discount { uint16 affiliateDiscount; //BPS MintTier[] mintTiers; } struct Config { string baseUri; address affiliateSigner; uint32 maxSupply; uint32 maxBatchSize; uint16 affiliateFee; //BPS uint16 defaultRoyalty; //BPS Discount discounts; } // allocation splits for withdrawn owner funds, must sum to 100% struct PayoutConfig { uint16 ownerBps; uint16 platformBps; uint16 partnerBps; uint16 superAffiliateBps; address partner; address superAffiliate; } struct Options { bool uriLocked; bool maxSupplyLocked; bool affiliateFeeLocked; bool discountsLocked; bool ownerAltPayoutLocked; } struct DutchInvite { uint128 price; uint128 reservePrice; uint128 delta; uint32 start; uint32 end; uint32 limit; uint32 maxSupply; uint32 interval; uint32 unitSize; // mint 1 get x address tokenAddress; bool isBlacklist; } struct Invite { uint128 price; uint32 start; uint32 end; uint32 limit; uint32 maxSupply; uint32 unitSize; // mint 1 get x address tokenAddress; bool isBlacklist; } struct BurnConfig { IERC721 archetype; address burnAddress; bool enabled; bool reversed; // side of the ratio (false=burn {ratio} get 1, true=burn 1 get {ratio}) uint16 ratio; uint64 start; uint64 limit; } struct ValidationArgs { address owner; address affiliate; uint256 quantity; uint256 curSupply; uint256 listSupply; } // UPDATE CONSTANTS BEFORE DEPLOY address constant PLATFORM = 0xe37A4c5C1384a9eb43C3a1941462FC300b810E38; address constant BATCH = 0xEa49e7bE310716dA66725c84a5127d2F6A202eAf; address constant PAYOUTS = 0xaAfdfA4a935d8511bF285af11A0544ce7e4a1199; uint16 constant MAXBPS = 5000; // max fee or discount is 50% uint32 constant UINT32_MAX = 2**32 - 1; library ArchetypeLogic { // // EVENTS // event Invited(bytes32 indexed key, bytes32 indexed cid); event Referral(address indexed affiliate, address token, uint128 wad, uint256 numMints); event Withdrawal(address indexed src, address token, uint128 wad); // calculate price based on affiliate usage and mint discounts function computePrice( DutchInvite storage invite, Discount storage discounts, uint256 numTokens, uint256 listSupply, bool affiliateUsed ) public view returns (uint256) { uint256 price = invite.price; uint256 cost; if (invite.interval > 0 && invite.delta > 0) { // Apply dutch pricing uint256 diff = (((block.timestamp - invite.start) / invite.interval) * invite.delta); if (price > invite.reservePrice) { if (diff > price - invite.reservePrice) { price = invite.reservePrice; } else { price = price - diff; } } else if (price < invite.reservePrice) { if (diff > invite.reservePrice - price) { price = invite.reservePrice; } else { price = price + diff; } } cost = price * numTokens; } else if (invite.interval == 0 && invite.delta > 0) { // Apply linear curve uint256 lastPrice = price + invite.delta * listSupply; cost = lastPrice * numTokens + (invite.delta * numTokens * (numTokens - 1)) / 2; } else { cost = price * numTokens; } if (affiliateUsed) { cost = cost - ((cost * discounts.affiliateDiscount) / 10000); } uint256 numMints = discounts.mintTiers.length; for (uint256 i; i < numMints; ) { uint256 tierNumMints = discounts.mintTiers[i].numMints; if (numTokens >= tierNumMints) { return cost - ((cost * discounts.mintTiers[i].mintDiscount) / 10000); } unchecked { ++i; } } return cost; } function validateMint( DutchInvite storage i, Config storage config, Auth calldata auth, mapping(address => mapping(bytes32 => uint256)) storage minted, bytes calldata signature, ValidationArgs memory args, uint128 cost ) public view { address msgSender = _msgSender(); if (args.affiliate != address(0)) { if ( args.affiliate == PLATFORM || args.affiliate == args.owner || args.affiliate == msgSender ) { revert InvalidReferral(); } validateAffiliate(args.affiliate, signature, config.affiliateSigner); } if (i.limit == 0) { revert MintingPaused(); } if (!i.isBlacklist) { if (!verify(auth, i.tokenAddress, msgSender)) { revert WalletUnauthorizedToMint(); } } else { if (verify(auth, i.tokenAddress, msgSender)) { revert Blacklisted(); } } if (block.timestamp < i.start) { revert MintNotYetStarted(); } if (i.end > i.start && block.timestamp > i.end) { revert MintEnded(); } if (i.limit < i.maxSupply) { uint256 totalAfterMint = minted[msgSender][auth.key] + args.quantity; if (totalAfterMint > i.limit) { revert NumberOfMintsExceeded(); } } if (i.maxSupply < config.maxSupply) { uint256 totalAfterMint = args.listSupply + args.quantity; if (totalAfterMint > i.maxSupply) { revert ListMaxSupplyExceeded(); } } if (args.quantity > config.maxBatchSize) { revert MaxBatchSizeExceeded(); } if ((args.curSupply + args.quantity) > config.maxSupply) { revert MaxSupplyExceeded(); } if (i.tokenAddress != address(0)) { IERC20 erc20Token = IERC20(i.tokenAddress); if (erc20Token.allowance(msgSender, address(this)) < cost) { revert NotApprovedToTransfer(); } if (erc20Token.balanceOf(msgSender) < cost) { revert Erc20BalanceTooLow(); } if (msg.value != 0) { revert ExcessiveEthSent(); } } else { if (msg.value < cost) { revert InsufficientEthSent(); } } } function validateBurnToMint( Config storage config, BurnConfig storage burnConfig, uint256[] calldata tokenIds, uint256 curSupply, mapping(address => mapping(bytes32 => uint256)) storage minted ) public view { if (!burnConfig.enabled) { revert BurnToMintDisabled(); } if (block.timestamp < burnConfig.start) { revert MintNotYetStarted(); } // check if msgSender owns tokens and has correct approvals address msgSender = _msgSender(); for (uint256 i; i < tokenIds.length; ) { if (burnConfig.archetype.ownerOf(tokenIds[i]) != msgSender) { revert NotTokenOwner(); } unchecked { ++i; } } if (!burnConfig.archetype.isApprovedForAll(msgSender, address(this))) { revert NotApprovedToTransfer(); } uint256 quantity; if (burnConfig.reversed) { quantity = tokenIds.length * burnConfig.ratio; } else { if (tokenIds.length % burnConfig.ratio != 0) { revert InvalidAmountOfTokens(); } quantity = tokenIds.length / burnConfig.ratio; } if (quantity > config.maxBatchSize) { revert MaxBatchSizeExceeded(); } if (burnConfig.limit < config.maxSupply) { uint256 totalAfterMint = minted[msgSender][bytes32("burn")] + quantity; if (totalAfterMint > burnConfig.limit) { revert NumberOfMintsExceeded(); } } if ((curSupply + quantity) > config.maxSupply) { revert MaxSupplyExceeded(); } } function updateBalances( DutchInvite storage i, Config storage config, mapping(address => uint128) storage _ownerBalance, mapping(address => mapping(address => uint128)) storage _affiliateBalance, address affiliate, uint256 quantity, uint128 value ) public { address tokenAddress = i.tokenAddress; uint128 affiliateWad; if (affiliate != address(0)) { affiliateWad = (value * config.affiliateFee) / 10000; _affiliateBalance[affiliate][tokenAddress] += affiliateWad; emit Referral(affiliate, tokenAddress, affiliateWad, quantity); } uint128 balance = _ownerBalance[tokenAddress]; uint128 ownerWad = value - affiliateWad; _ownerBalance[tokenAddress] = balance + ownerWad; if (tokenAddress != address(0)) { IERC20 erc20Token = IERC20(tokenAddress); bool success = erc20Token.transferFrom(_msgSender(), address(this), value); if (!success) { revert TransferFailed(); } } } function withdrawTokensAffiliate( mapping(address => mapping(address => uint128)) storage _affiliateBalance, address[] calldata tokens ) public { address msgSender = _msgSender(); for (uint256 i; i < tokens.length; i++) { address tokenAddress = tokens[i]; uint128 wad = _affiliateBalance[msgSender][tokenAddress]; _affiliateBalance[msgSender][tokenAddress] = 0; if (wad == 0) { revert BalanceEmpty(); } if (tokenAddress == address(0)) { bool success = false; (success, ) = msgSender.call{ value: wad }(""); if (!success) { revert TransferFailed(); } } else { IERC20 erc20Token = IERC20(tokenAddress); bool success = erc20Token.transfer(msgSender, wad); if (!success) { revert TransferFailed(); } } emit Withdrawal(msgSender, tokenAddress, wad); } } function withdrawTokens( PayoutConfig storage payoutConfig, mapping(address => uint128) storage _ownerBalance, address owner, address[] calldata tokens ) public { address msgSender = _msgSender(); for (uint256 i; i < tokens.length; i++) { address tokenAddress = tokens[i]; uint128 wad; if ( msgSender == owner || msgSender == PLATFORM || msgSender == payoutConfig.partner || msgSender == payoutConfig.superAffiliate ) { wad = _ownerBalance[tokenAddress]; _ownerBalance[tokenAddress] = 0; } else { revert NotShareholder(); } if (wad == 0) { revert BalanceEmpty(); } address[] memory recipients = new address[](4); recipients[0] = owner; recipients[1] = PLATFORM; recipients[2] = payoutConfig.partner; recipients[3] = payoutConfig.superAffiliate; uint16[] memory splits = new uint16[](4); splits[0] = payoutConfig.ownerBps; splits[1] = payoutConfig.platformBps; splits[2] = payoutConfig.partnerBps; splits[3] = payoutConfig.superAffiliateBps; if (tokenAddress == address(0)) { ArchetypePayouts(PAYOUTS).updateBalances{ value: wad }( wad, tokenAddress, recipients, splits ); } else { ArchetypePayouts(PAYOUTS).updateBalances(wad, tokenAddress, recipients, splits); } emit Withdrawal(msgSender, tokenAddress, wad); } } function validateAffiliate( address affiliate, bytes calldata signature, address affiliateSigner ) public view { bytes32 signedMessagehash = ECDSA.toEthSignedMessageHash( keccak256(abi.encodePacked(affiliate)) ); address signer = ECDSA.recover(signedMessagehash, signature); if (signer != affiliateSigner) { revert InvalidSignature(); } } function verify( Auth calldata auth, address tokenAddress, address account ) public pure returns (bool) { // keys 0-255 and tokenAddress are public if (uint256(auth.key) <= 0xff || auth.key == keccak256(abi.encodePacked(tokenAddress))) { return true; } return MerkleProofLib.verify(auth.proof, auth.key, keccak256(abi.encodePacked(account))); } function _msgSender() internal view returns (address) { return msg.sender == BATCH ? tx.origin : msg.sender; } }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol) pragma solidity ^0.8.0; /** * @dev Interface of the ERC20 standard as defined in the EIP. */ interface IERC20 { /** * @dev Emitted when `value` tokens are moved from one account (`from`) to * another (`to`). * * Note that `value` may be zero. */ event Transfer(address indexed from, address indexed to, uint256 value); /** * @dev Emitted when the allowance of a `spender` for an `owner` is set by * a call to {approve}. `value` is the new allowance. */ event Approval(address indexed owner, address indexed spender, uint256 value); /** * @dev Returns the amount of tokens in existence. */ function totalSupply() external view returns (uint256); /** * @dev Returns the amount of tokens owned by `account`. */ function balanceOf(address account) external view returns (uint256); /** * @dev Moves `amount` tokens from the caller's account to `to`. * * Returns a boolean value indicating whether the operation succeeded. * * Emits a {Transfer} event. */ function transfer(address to, uint256 amount) external returns (bool); /** * @dev Returns the remaining number of tokens that `spender` will be * allowed to spend on behalf of `owner` through {transferFrom}. This is * zero by default. * * This value changes when {approve} or {transferFrom} are called. */ function allowance(address owner, address spender) external view returns (uint256); /** * @dev Sets `amount` as the allowance of `spender` over the caller's tokens. * * Returns a boolean value indicating whether the operation succeeded. * * IMPORTANT: Beware that changing an allowance with this method brings the risk * that someone may use both the old and the new allowance by unfortunate * transaction ordering. One possible solution to mitigate this race * condition is to first reduce the spender's allowance to 0 and set the * desired value afterwards: * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729 * * Emits an {Approval} event. */ function approve(address spender, uint256 amount) external returns (bool); /** * @dev Moves `amount` tokens from `from` to `to` using the * allowance mechanism. `amount` is then deducted from the caller's * allowance. * * Returns a boolean value indicating whether the operation succeeded. * * Emits a {Transfer} event. */ function transferFrom( address from, address to, uint256 amount ) external returns (bool); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts (last updated v4.8.0) (token/ERC721/IERC721.sol) pragma solidity ^0.8.0; import "../../utils/introspection/IERC165.sol"; /** * @dev Required interface of an ERC721 compliant contract. */ interface IERC721 is IERC165 { /** * @dev Emitted when `tokenId` token is transferred from `from` to `to`. */ event Transfer(address indexed from, address indexed to, uint256 indexed tokenId); /** * @dev Emitted when `owner` enables `approved` to manage the `tokenId` token. */ event Approval(address indexed owner, address indexed approved, uint256 indexed tokenId); /** * @dev Emitted when `owner` enables or disables (`approved`) `operator` to manage all of its assets. */ event ApprovalForAll(address indexed owner, address indexed operator, bool approved); /** * @dev Returns the number of tokens in ``owner``'s account. */ function balanceOf(address owner) external view returns (uint256 balance); /** * @dev Returns the owner of the `tokenId` token. * * Requirements: * * - `tokenId` must exist. */ function ownerOf(uint256 tokenId) external view returns (address owner); /** * @dev Safely transfers `tokenId` token from `from` to `to`. * * Requirements: * * - `from` cannot be the zero address. * - `to` cannot be the zero address. * - `tokenId` token must exist and be owned by `from`. * - If the caller is not `from`, it must be approved to move this token by either {approve} or {setApprovalForAll}. * - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer. * * Emits a {Transfer} event. */ function safeTransferFrom( address from, address to, uint256 tokenId, bytes calldata data ) external; /** * @dev Safely transfers `tokenId` token from `from` to `to`, checking first that contract recipients * are aware of the ERC721 protocol to prevent tokens from being forever locked. * * Requirements: * * - `from` cannot be the zero address. * - `to` cannot be the zero address. * - `tokenId` token must exist and be owned by `from`. * - If the caller is not `from`, it must have been allowed to move this token by either {approve} or {setApprovalForAll}. * - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer. * * Emits a {Transfer} event. */ function safeTransferFrom( address from, address to, uint256 tokenId ) external; /** * @dev Transfers `tokenId` token from `from` to `to`. * * WARNING: Note that the caller is responsible to confirm that the recipient is capable of receiving ERC721 * or else they may be permanently lost. Usage of {safeTransferFrom} prevents loss, though the caller must * understand this adds an external call which potentially creates a reentrancy vulnerability. * * Requirements: * * - `from` cannot be the zero address. * - `to` cannot be the zero address. * - `tokenId` token must be owned by `from`. * - If the caller is not `from`, it must be approved to move this token by either {approve} or {setApprovalForAll}. * * Emits a {Transfer} event. */ function transferFrom( address from, address to, uint256 tokenId ) external; /** * @dev Gives permission to `to` to transfer `tokenId` token to another account. * The approval is cleared when the token is transferred. * * Only a single account can be approved at a time, so approving the zero address clears previous approvals. * * Requirements: * * - The caller must own the token or be an approved operator. * - `tokenId` must exist. * * Emits an {Approval} event. */ function approve(address to, uint256 tokenId) external; /** * @dev Approve or remove `operator` as an operator for the caller. * Operators can call {transferFrom} or {safeTransferFrom} for any token owned by the caller. * * Requirements: * * - The `operator` cannot be the caller. * * Emits an {ApprovalForAll} event. */ function setApprovalForAll(address operator, bool _approved) external; /** * @dev Returns the account approved for `tokenId` token. * * Requirements: * * - `tokenId` must exist. */ function getApproved(uint256 tokenId) external view returns (address operator); /** * @dev Returns if the `operator` is allowed to manage all of the assets of `owner`. * * See {setApprovalForAll} */ function isApprovedForAll(address owner, address operator) external view returns (bool); }
// SPDX-License-Identifier: MIT // OpenZeppelin Contracts v4.4.1 (utils/introspection/IERC165.sol) pragma solidity ^0.8.0; /** * @dev Interface of the ERC165 standard, as defined in the * https://eips.ethereum.org/EIPS/eip-165[EIP]. * * Implementers can declare support of contract interfaces, which can then be * queried by others ({ERC165Checker}). * * For an implementation, see {ERC165}. */ interface IERC165 { /** * @dev Returns true if this contract implements the interface defined by * `interfaceId`. See the corresponding * https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section] * to learn more about how these ids are created. * * This function call must use less than 30 000 gas. */ function supportsInterface(bytes4 interfaceId) external view returns (bool); }
// SPDX-License-Identifier: MIT // ArchetypePayouts v0.7.0 // // d8888 888 888 // d88888 888 888 // d88P888 888 888 // d88P 888 888d888 .d8888b 88888b. .d88b. 888888 888 888 88888b. .d88b. // d88P 888 888P" d88P" 888 "88b d8P Y8b 888 888 888 888 "88b d8P Y8b // d88P 888 888 888 888 888 88888888 888 888 888 888 888 88888888 // d8888888888 888 Y88b. 888 888 Y8b. Y88b. Y88b 888 888 d88P Y8b. // d88P 888 888 "Y8888P 888 888 "Y8888 "Y888 "Y88888 88888P" "Y8888 // 888 888 // Y8b d88P 888 // pragma solidity ^0.8.4; import "@openzeppelin/contracts/token/ERC20/IERC20.sol"; error InvalidLength(); error InvalidSplitShares(); error TransferFailed(); error BalanceEmpty(); error NotApprovedToWithdraw(); contract ArchetypePayouts { event Withdrawal(address indexed src, address token, uint256 wad); event FundsAdded(address indexed recipient, address token, uint256 amount); mapping(address => mapping(address => uint256)) private _balance; mapping(address => mapping(address => bool)) private _approvals; function updateBalances( uint256 totalAmount, address token, address[] calldata recipients, uint16[] calldata splits ) public payable { if (recipients.length != splits.length) { revert InvalidLength(); } uint256 totalShares = 0; for (uint256 i = 0; i < splits.length; i++) { totalShares += splits[i]; } if (totalShares != 10000) { revert InvalidSplitShares(); } if (token == address(0)) { // ETH payments uint256 totalReceived = msg.value; for (uint256 i = 0; i < recipients.length; i++) { if (splits[i] > 0) { uint256 amountToAdd = (totalReceived * splits[i]) / 10000; _balance[recipients[i]][token] += amountToAdd; emit FundsAdded(recipients[i], token, amountToAdd); } } } else { // ERC20 payments IERC20 paymentToken = IERC20(token); bool success = paymentToken.transferFrom(msg.sender, address(this), totalAmount); if (!success) { revert TransferFailed(); } for (uint256 i = 0; i < recipients.length; i++) { if (splits[i] > 0) { uint256 amountToAdd = (totalAmount * splits[i]) / 10000; _balance[recipients[i]][token] += amountToAdd; emit FundsAdded(recipients[i], token, amountToAdd); } } } } function withdraw() external { address msgSender = msg.sender; _withdraw(msgSender, msgSender, address(0)); } function withdrawTokens(address[] memory tokens) external { address msgSender = msg.sender; for (uint256 i = 0; i < tokens.length; i++) { _withdraw(msgSender, msgSender, tokens[i]); } } function withdrawFrom(address from, address to) public { if (from != msg.sender && !_approvals[from][to]) { revert NotApprovedToWithdraw(); } _withdraw(from, to, address(0)); } function withdrawTokensFrom( address from, address to, address[] memory tokens ) public { if (from != msg.sender && !_approvals[from][to]) { revert NotApprovedToWithdraw(); } for (uint256 i = 0; i < tokens.length; i++) { _withdraw(from, to, tokens[i]); } } function _withdraw( address from, address to, address token ) internal { uint256 wad; wad = _balance[from][token]; _balance[from][token] = 0; if (wad == 0) { revert BalanceEmpty(); } if (token == address(0)) { bool success = false; (success, ) = to.call{ value: wad }(""); if (!success) { revert TransferFailed(); } } else { IERC20 erc20Token = IERC20(token); bool success = erc20Token.transfer(to, wad); if (!success) { revert TransferFailed(); } } emit Withdrawal(from, token, wad); } function approveWithdrawal(address delegate, bool approved) external { _approvals[msg.sender][delegate] = approved; } function isApproved(address from, address delegate) external view returns (bool) { return _approvals[from][delegate]; } function balance(address recipient) external view returns (uint256) { return _balance[recipient][address(0)]; } function balanceToken(address recipient, address token) external view returns (uint256) { return _balance[recipient][token]; } }
// SPDX-License-Identifier: MIT pragma solidity ^0.8.4; /// @notice Gas optimized ECDSA wrapper. /// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/ECDSA.sol) /// @author Modified from Solmate (https://github.com/transmissions11/solmate/blob/main/src/utils/ECDSA.sol) /// @author Modified from OpenZeppelin (https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/cryptography/ECDSA.sol) library ECDSA { function recover(bytes32 hash, bytes calldata signature) internal view returns (address result) { assembly { if eq(signature.length, 65) { // Copy the free memory pointer so that we can restore it later. let m := mload(0x40) // Directly copy `r` and `s` from the calldata. calldatacopy(0x40, signature.offset, 0x40) // If `s` in lower half order, such that the signature is not malleable. // prettier-ignore if iszero(gt(mload(0x60), 0x7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a0)) { mstore(0x00, hash) // Compute `v` and store it in the scratch space. mstore(0x20, byte(0, calldataload(add(signature.offset, 0x40)))) pop( staticcall( gas(), // Amount of gas left for the transaction. 0x01, // Address of `ecrecover`. 0x00, // Start of input. 0x80, // Size of input. 0x40, // Start of output. 0x20 // Size of output. ) ) // Restore the zero slot. mstore(0x60, 0) // `returndatasize()` will be `0x20` upon success, and `0x00` otherwise. result := mload(sub(0x60, returndatasize())) } // Restore the free memory pointer. mstore(0x40, m) } } } function recover( bytes32 hash, bytes32 r, bytes32 vs ) internal view returns (address result) { assembly { // Copy the free memory pointer so that we can restore it later. let m := mload(0x40) // prettier-ignore let s := and(vs, 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff) // If `s` in lower half order, such that the signature is not malleable. // prettier-ignore if iszero(gt(s, 0x7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a0)) { mstore(0x00, hash) mstore(0x20, add(shr(255, vs), 27)) mstore(0x40, r) mstore(0x60, s) pop( staticcall( gas(), // Amount of gas left for the transaction. 0x01, // Address of `ecrecover`. 0x00, // Start of input. 0x80, // Size of input. 0x40, // Start of output. 0x20 // Size of output. ) ) // Restore the zero slot. mstore(0x60, 0) // `returndatasize()` will be `0x20` upon success, and `0x00` otherwise. result := mload(sub(0x60, returndatasize())) } // Restore the free memory pointer. mstore(0x40, m) } } function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32 result) { assembly { // Store into scratch space for keccak256. mstore(0x20, hash) mstore(0x00, "\x00\x00\x00\x00\x19Ethereum Signed Message:\n32") // 0x40 - 0x04 = 0x3c result := keccak256(0x04, 0x3c) } } function toEthSignedMessageHash(bytes memory s) internal pure returns (bytes32 result) { assembly { // We need at most 128 bytes for Ethereum signed message header. // The max length of the ASCII reprenstation of a uint256 is 78 bytes. // The length of "\x19Ethereum Signed Message:\n" is 26 bytes (i.e. 0x1a). // The next multiple of 32 above 78 + 26 is 128 (i.e. 0x80). // Instead of allocating, we temporarily copy the 128 bytes before the // start of `s` data to some variables. let m3 := mload(sub(s, 0x60)) let m2 := mload(sub(s, 0x40)) let m1 := mload(sub(s, 0x20)) // The length of `s` is in bytes. let sLength := mload(s) let ptr := add(s, 0x20) // `end` marks the end of the memory which we will compute the keccak256 of. let end := add(ptr, sLength) // Convert the length of the bytes to ASCII decimal representation // and store it into the memory. // prettier-ignore for { let temp := sLength } 1 {} { ptr := sub(ptr, 1) mstore8(ptr, add(48, mod(temp, 10))) temp := div(temp, 10) // prettier-ignore if iszero(temp) { break } } // Copy the header over to the memory. mstore(sub(ptr, 0x20), "\x00\x00\x00\x00\x00\x00\x19Ethereum Signed Message:\n") // Compute the keccak256 of the memory. result := keccak256(sub(ptr, 0x1a), sub(end, sub(ptr, 0x1a))) // Restore the previous memory. mstore(s, sLength) mstore(sub(s, 0x20), m1) mstore(sub(s, 0x40), m2) mstore(sub(s, 0x60), m3) } } }
// SPDX-License-Identifier: MIT pragma solidity ^0.8.4; /// @notice Gas optimized verification of proof of inclusion for a leaf in a Merkle tree. /// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/MerkleProofLib.sol) /// @author Modified from Solmate (https://github.com/transmissions11/solmate/blob/main/src/utils/MerkleProofLib.sol) /// @author Modified from OpenZeppelin (https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/cryptography/MerkleProof.sol) library MerkleProofLib { function verify( bytes32[] calldata proof, bytes32 root, bytes32 leaf ) internal pure returns (bool isValid) { assembly { if proof.length { // Left shift by 5 is equivalent to multiplying by 0x20. let end := add(proof.offset, shl(5, proof.length)) // Initialize `offset` to the offset of `proof` in the calldata. let offset := proof.offset // Iterate over proof elements to compute root hash. // prettier-ignore for {} 1 {} { // Slot of `leaf` in scratch space. // If the condition is true: 0x20, otherwise: 0x00. let scratch := shl(5, gt(leaf, calldataload(offset))) // Store elements to hash contiguously in scratch space. // Scratch space is 64 bytes (0x00 - 0x3f) and both elements are 32 bytes. mstore(scratch, leaf) mstore(xor(scratch, 0x20), calldataload(offset)) // Reuse `leaf` to store the hash to reduce stack operations. leaf := keccak256(0x00, 0x40) offset := add(offset, 0x20) // prettier-ignore if iszero(lt(offset, end)) { break } } } isValid := eq(leaf, root) } } function verifyMultiProof( bytes32[] calldata proof, bytes32 root, bytes32[] calldata leafs, bool[] calldata flags ) internal pure returns (bool isValid) { // Rebuilds the root by consuming and producing values on a queue. // The queue starts with the `leafs` array, and goes into a `hashes` array. // After the process, the last element on the queue is verified // to be equal to the `root`. // // The `flags` array denotes whether the sibling // should be popped from the queue (`flag == true`), or // should be popped from the `proof` (`flag == false`). assembly { // If the number of flags is correct. // prettier-ignore for {} eq(add(leafs.length, proof.length), add(flags.length, 1)) {} { // Left shift by 5 is equivalent to multiplying by 0x20. // Compute the end calldata offset of `leafs`. let leafsEnd := add(leafs.offset, shl(5, leafs.length)) // These are the calldata offsets. let leafsOffset := leafs.offset let flagsOffset := flags.offset let proofOffset := proof.offset // We can use the free memory space for the queue. // We don't need to allocate, since the queue is temporary. let hashesFront := mload(0x40) let hashesBack := hashesFront // This is the end of the memory for the queue. let end := add(hashesBack, shl(5, flags.length)) // For the case where `proof.length + leafs.length == 1`. if iszero(flags.length) { // If `proof.length` is zero, `leafs.length` is 1. if iszero(proof.length) { isValid := eq(calldataload(leafsOffset), root) break } // If `leafs.length` is zero, `proof.length` is 1. if iszero(leafs.length) { isValid := eq(calldataload(proofOffset), root) break } } // prettier-ignore for {} 1 {} { let a := 0 // Pops a value from the queue into `a`. switch lt(leafsOffset, leafsEnd) case 0 { // Pop from `hashes` if there are no more leafs. a := mload(hashesFront) hashesFront := add(hashesFront, 0x20) } default { // Otherwise, pop from `leafs`. a := calldataload(leafsOffset) leafsOffset := add(leafsOffset, 0x20) } let b := 0 // If the flag is false, load the next proof, // else, pops from the queue. switch calldataload(flagsOffset) case 0 { // Loads the next proof. b := calldataload(proofOffset) proofOffset := add(proofOffset, 0x20) } default { // Pops a value from the queue into `a`. switch lt(leafsOffset, leafsEnd) case 0 { // Pop from `hashes` if there are no more leafs. b := mload(hashesFront) hashesFront := add(hashesFront, 0x20) } default { // Otherwise, pop from `leafs`. b := calldataload(leafsOffset) leafsOffset := add(leafsOffset, 0x20) } } // Advance to the next flag offset. flagsOffset := add(flagsOffset, 0x20) // Slot of `a` in scratch space. // If the condition is true: 0x20, otherwise: 0x00. let scratch := shl(5, gt(a, b)) // Hash the scratch space and push the result onto the queue. mstore(scratch, a) mstore(xor(scratch, 0x20), b) mstore(hashesBack, keccak256(0x00, 0x40)) hashesBack := add(hashesBack, 0x20) // prettier-ignore if iszero(lt(hashesBack, end)) { break } } // Checks if the last value in the queue is same as the root. isValid := eq(mload(sub(hashesBack, 0x20)), root) break } } } }
{ "optimizer": { "enabled": true, "runs": 200 }, "outputSelection": { "*": { "*": [ "evm.bytecode", "evm.deployedBytecode", "devdoc", "userdoc", "metadata", "abi" ] } }, "libraries": {} }
Contract Security Audit
- No Contract Security Audit Submitted- Submit Audit Here
Contract ABI
API[{"inputs":[],"name":"BalanceEmpty","type":"error"},{"inputs":[],"name":"Blacklisted","type":"error"},{"inputs":[],"name":"BurnToMintDisabled","type":"error"},{"inputs":[],"name":"Erc20BalanceTooLow","type":"error"},{"inputs":[],"name":"ExcessiveEthSent","type":"error"},{"inputs":[],"name":"InsufficientEthSent","type":"error"},{"inputs":[],"name":"InvalidAmountOfTokens","type":"error"},{"inputs":[],"name":"InvalidReferral","type":"error"},{"inputs":[],"name":"InvalidSignature","type":"error"},{"inputs":[],"name":"ListMaxSupplyExceeded","type":"error"},{"inputs":[],"name":"MaxBatchSizeExceeded","type":"error"},{"inputs":[],"name":"MaxSupplyExceeded","type":"error"},{"inputs":[],"name":"MintEnded","type":"error"},{"inputs":[],"name":"MintNotYetStarted","type":"error"},{"inputs":[],"name":"MintingPaused","type":"error"},{"inputs":[],"name":"NotApprovedToTransfer","type":"error"},{"inputs":[],"name":"NotShareholder","type":"error"},{"inputs":[],"name":"NotTokenOwner","type":"error"},{"inputs":[],"name":"NumberOfMintsExceeded","type":"error"},{"inputs":[],"name":"TransferFailed","type":"error"},{"inputs":[],"name":"WalletUnauthorizedToMint","type":"error"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"bytes32","name":"key","type":"bytes32"},{"indexed":true,"internalType":"bytes32","name":"cid","type":"bytes32"}],"name":"Invited","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"affiliate","type":"address"},{"indexed":false,"internalType":"address","name":"token","type":"address"},{"indexed":false,"internalType":"uint128","name":"wad","type":"uint128"},{"indexed":false,"internalType":"uint256","name":"numMints","type":"uint256"}],"name":"Referral","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"src","type":"address"},{"indexed":false,"internalType":"address","name":"token","type":"address"},{"indexed":false,"internalType":"uint128","name":"wad","type":"uint128"}],"name":"Withdrawal","type":"event"},{"inputs":[{"internalType":"address","name":"affiliate","type":"address"},{"internalType":"bytes","name":"signature","type":"bytes"},{"internalType":"address","name":"affiliateSigner","type":"address"}],"name":"validateAffiliate","outputs":[],"stateMutability":"view","type":"function"},{"inputs":[{"components":[{"internalType":"bytes32","name":"key","type":"bytes32"},{"internalType":"bytes32[]","name":"proof","type":"bytes32[]"}],"internalType":"struct Auth","name":"auth","type":"tuple"},{"internalType":"address","name":"tokenAddress","type":"address"},{"internalType":"address","name":"account","type":"address"}],"name":"verify","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"pure","type":"function"}]
Contract Creation Code
Deployed Bytecode
A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.