Transaction Hash:
Block:
24132256 at Dec-31-2025 11:17:35 AM +UTC
Transaction Fee:
0.00000398325128116 ETH
$0.008264
Gas Used:
42,040 Gas / 0.094749079 Gwei
Emitted Events:
| 680 |
ERC1967Proxy.0x0e0ba6c2b04de36d6d509ec5bd155c43a9fe862f8052096dd54f3902a74cca3e( 0x0e0ba6c2b04de36d6d509ec5bd155c43a9fe862f8052096dd54f3902a74cca3e, 0x0000000000000000000000000000000000000000000000000000000000000362 )
|
Account State Difference:
| Address | Before | After | State Difference | ||
|---|---|---|---|---|---|
| 0xD6B7d52E...dcDcCb690 |
0.063497508406815222 Eth
Nonce: 269
|
0.063493525155534062 Eth
Nonce: 270
| 0.00000398325128116 | ||
|
0xdadB0d80...24f783711
Miner
| (BuilderNet) | 181.511772556710368911 Eth | 181.511772556710452991 Eth | 0.00000000000008408 | |
| 0xDD9BC35a...3fF30a4E1 |
Execution Trace
ERC1967Proxy.2e168e0e( )
SSVNetworkUpgradeValidatorsPerOperator.removeOperator( operatorId=866 )-
SSVOperators.removeOperator( operatorId=866 )
-
removeOperator[SSVNetwork (ln:1939)]
_delegate[SSVNetwork (ln:1940)]load[SSVNetwork (ln:1940)]
File 1 of 3: ERC1967Proxy
File 2 of 3: SSVNetworkUpgradeValidatorsPerOperator
File 3 of 3: SSVOperators
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "@openzeppelin/contracts/proxy/beacon/BeaconProxy.sol";
import "@openzeppelin/contracts/proxy/beacon/UpgradeableBeacon.sol";
import "@openzeppelin/contracts/proxy/ERC1967/ERC1967Proxy.sol";
import "@openzeppelin/contracts/proxy/transparent/TransparentUpgradeableProxy.sol";
import "@openzeppelin/contracts/proxy/transparent/ProxyAdmin.sol";
// Kept for backwards compatibility with older versions of Hardhat and Truffle plugins.
contract AdminUpgradeabilityProxy is TransparentUpgradeableProxy {
constructor(address logic, address admin, bytes memory data) payable TransparentUpgradeableProxy(logic, admin, data) {}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "./IBeacon.sol";
import "../Proxy.sol";
import "../ERC1967/ERC1967Upgrade.sol";
/**
* @dev This contract implements a proxy that gets the implementation address for each call from a {UpgradeableBeacon}.
*
* The beacon address is stored in storage slot `uint256(keccak256('eip1967.proxy.beacon')) - 1`, so that it doesn't
* conflict with the storage layout of the implementation behind the proxy.
*
* _Available since v3.4._
*/
contract BeaconProxy is Proxy, ERC1967Upgrade {
/**
* @dev Initializes the proxy with `beacon`.
*
* If `data` is nonempty, it's used as data in a delegate call to the implementation returned by the beacon. This
* will typically be an encoded function call, and allows initializating the storage of the proxy like a Solidity
* constructor.
*
* Requirements:
*
* - `beacon` must be a contract with the interface {IBeacon}.
*/
constructor(address beacon, bytes memory data) payable {
assert(_BEACON_SLOT == bytes32(uint256(keccak256("eip1967.proxy.beacon")) - 1));
_upgradeBeaconToAndCall(beacon, data, false);
}
/**
* @dev Returns the current beacon address.
*/
function _beacon() internal view virtual returns (address) {
return _getBeacon();
}
/**
* @dev Returns the current implementation address of the associated beacon.
*/
function _implementation() internal view virtual override returns (address) {
return IBeacon(_getBeacon()).implementation();
}
/**
* @dev Changes the proxy to use a new beacon. Deprecated: see {_upgradeBeaconToAndCall}.
*
* If `data` is nonempty, it's used as data in a delegate call to the implementation returned by the beacon.
*
* Requirements:
*
* - `beacon` must be a contract.
* - The implementation returned by `beacon` must be a contract.
*/
function _setBeacon(address beacon, bytes memory data) internal virtual {
_upgradeBeaconToAndCall(beacon, data, false);
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "./IBeacon.sol";
import "../../access/Ownable.sol";
import "../../utils/Address.sol";
/**
* @dev This contract is used in conjunction with one or more instances of {BeaconProxy} to determine their
* implementation contract, which is where they will delegate all function calls.
*
* An owner is able to change the implementation the beacon points to, thus upgrading the proxies that use this beacon.
*/
contract UpgradeableBeacon is IBeacon, Ownable {
address private _implementation;
/**
* @dev Emitted when the implementation returned by the beacon is changed.
*/
event Upgraded(address indexed implementation);
/**
* @dev Sets the address of the initial implementation, and the deployer account as the owner who can upgrade the
* beacon.
*/
constructor(address implementation_) {
_setImplementation(implementation_);
}
/**
* @dev Returns the current implementation address.
*/
function implementation() public view virtual override returns (address) {
return _implementation;
}
/**
* @dev Upgrades the beacon to a new implementation.
*
* Emits an {Upgraded} event.
*
* Requirements:
*
* - msg.sender must be the owner of the contract.
* - `newImplementation` must be a contract.
*/
function upgradeTo(address newImplementation) public virtual onlyOwner {
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
/**
* @dev Sets the implementation contract address for this beacon
*
* Requirements:
*
* - `newImplementation` must be a contract.
*/
function _setImplementation(address newImplementation) private {
require(Address.isContract(newImplementation), "UpgradeableBeacon: implementation is not a contract");
_implementation = newImplementation;
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "../Proxy.sol";
import "./ERC1967Upgrade.sol";
/**
* @dev This contract implements an upgradeable proxy. It is upgradeable because calls are delegated to an
* implementation address that can be changed. This address is stored in storage in the location specified by
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967], so that it doesn't conflict with the storage layout of the
* implementation behind the proxy.
*/
contract ERC1967Proxy is Proxy, ERC1967Upgrade {
/**
* @dev Initializes the upgradeable proxy with an initial implementation specified by `_logic`.
*
* If `_data` is nonempty, it's used as data in a delegate call to `_logic`. This will typically be an encoded
* function call, and allows initializating the storage of the proxy like a Solidity constructor.
*/
constructor(address _logic, bytes memory _data) payable {
assert(_IMPLEMENTATION_SLOT == bytes32(uint256(keccak256("eip1967.proxy.implementation")) - 1));
_upgradeToAndCall(_logic, _data, false);
}
/**
* @dev Returns the current implementation address.
*/
function _implementation() internal view virtual override returns (address impl) {
return ERC1967Upgrade._getImplementation();
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "../ERC1967/ERC1967Proxy.sol";
/**
* @dev This contract implements a proxy that is upgradeable by an admin.
*
* To avoid https://medium.com/nomic-labs-blog/malicious-backdoors-in-ethereum-proxies-62629adf3357[proxy selector
* clashing], which can potentially be used in an attack, this contract uses the
* https://blog.openzeppelin.com/the-transparent-proxy-pattern/[transparent proxy pattern]. This pattern implies two
* things that go hand in hand:
*
* 1. If any account other than the admin calls the proxy, the call will be forwarded to the implementation, even if
* that call matches one of the admin functions exposed by the proxy itself.
* 2. If the admin calls the proxy, it can access the admin functions, but its calls will never be forwarded to the
* implementation. If the admin tries to call a function on the implementation it will fail with an error that says
* "admin cannot fallback to proxy target".
*
* These properties mean that the admin account can only be used for admin actions like upgrading the proxy or changing
* the admin, so it's best if it's a dedicated account that is not used for anything else. This will avoid headaches due
* to sudden errors when trying to call a function from the proxy implementation.
*
* Our recommendation is for the dedicated account to be an instance of the {ProxyAdmin} contract. If set up this way,
* you should think of the `ProxyAdmin` instance as the real administrative interface of your proxy.
*/
contract TransparentUpgradeableProxy is ERC1967Proxy {
/**
* @dev Initializes an upgradeable proxy managed by `_admin`, backed by the implementation at `_logic`, and
* optionally initialized with `_data` as explained in {ERC1967Proxy-constructor}.
*/
constructor(address _logic, address admin_, bytes memory _data) payable ERC1967Proxy(_logic, _data) {
assert(_ADMIN_SLOT == bytes32(uint256(keccak256("eip1967.proxy.admin")) - 1));
_changeAdmin(admin_);
}
/**
* @dev Modifier used internally that will delegate the call to the implementation unless the sender is the admin.
*/
modifier ifAdmin() {
if (msg.sender == _getAdmin()) {
_;
} else {
_fallback();
}
}
/**
* @dev Returns the current admin.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyAdmin}.
*
* TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
* https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
* `0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103`
*/
function admin() external ifAdmin returns (address admin_) {
admin_ = _getAdmin();
}
/**
* @dev Returns the current implementation.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyImplementation}.
*
* TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
* https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
* `0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc`
*/
function implementation() external ifAdmin returns (address implementation_) {
implementation_ = _implementation();
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-changeProxyAdmin}.
*/
function changeAdmin(address newAdmin) external virtual ifAdmin {
_changeAdmin(newAdmin);
}
/**
* @dev Upgrade the implementation of the proxy.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-upgrade}.
*/
function upgradeTo(address newImplementation) external ifAdmin {
_upgradeToAndCall(newImplementation, bytes(""), false);
}
/**
* @dev Upgrade the implementation of the proxy, and then call a function from the new implementation as specified
* by `data`, which should be an encoded function call. This is useful to initialize new storage variables in the
* proxied contract.
*
* NOTE: Only the admin can call this function. See {ProxyAdmin-upgradeAndCall}.
*/
function upgradeToAndCall(address newImplementation, bytes calldata data) external payable ifAdmin {
_upgradeToAndCall(newImplementation, data, true);
}
/**
* @dev Returns the current admin.
*/
function _admin() internal view virtual returns (address) {
return _getAdmin();
}
/**
* @dev Makes sure the admin cannot access the fallback function. See {Proxy-_beforeFallback}.
*/
function _beforeFallback() internal virtual override {
require(msg.sender != _getAdmin(), "TransparentUpgradeableProxy: admin cannot fallback to proxy target");
super._beforeFallback();
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "./TransparentUpgradeableProxy.sol";
import "../../access/Ownable.sol";
/**
* @dev This is an auxiliary contract meant to be assigned as the admin of a {TransparentUpgradeableProxy}. For an
* explanation of why you would want to use this see the documentation for {TransparentUpgradeableProxy}.
*/
contract ProxyAdmin is Ownable {
/**
* @dev Returns the current implementation of `proxy`.
*
* Requirements:
*
* - This contract must be the admin of `proxy`.
*/
function getProxyImplementation(TransparentUpgradeableProxy proxy) public view virtual returns (address) {
// We need to manually run the static call since the getter cannot be flagged as view
// bytes4(keccak256("implementation()")) == 0x5c60da1b
(bool success, bytes memory returndata) = address(proxy).staticcall(hex"5c60da1b");
require(success);
return abi.decode(returndata, (address));
}
/**
* @dev Returns the current admin of `proxy`.
*
* Requirements:
*
* - This contract must be the admin of `proxy`.
*/
function getProxyAdmin(TransparentUpgradeableProxy proxy) public view virtual returns (address) {
// We need to manually run the static call since the getter cannot be flagged as view
// bytes4(keccak256("admin()")) == 0xf851a440
(bool success, bytes memory returndata) = address(proxy).staticcall(hex"f851a440");
require(success);
return abi.decode(returndata, (address));
}
/**
* @dev Changes the admin of `proxy` to `newAdmin`.
*
* Requirements:
*
* - This contract must be the current admin of `proxy`.
*/
function changeProxyAdmin(TransparentUpgradeableProxy proxy, address newAdmin) public virtual onlyOwner {
proxy.changeAdmin(newAdmin);
}
/**
* @dev Upgrades `proxy` to `implementation`. See {TransparentUpgradeableProxy-upgradeTo}.
*
* Requirements:
*
* - This contract must be the admin of `proxy`.
*/
function upgrade(TransparentUpgradeableProxy proxy, address implementation) public virtual onlyOwner {
proxy.upgradeTo(implementation);
}
/**
* @dev Upgrades `proxy` to `implementation` and calls a function on the new implementation. See
* {TransparentUpgradeableProxy-upgradeToAndCall}.
*
* Requirements:
*
* - This contract must be the admin of `proxy`.
*/
function upgradeAndCall(TransparentUpgradeableProxy proxy, address implementation, bytes memory data) public payable virtual onlyOwner {
proxy.upgradeToAndCall{value: msg.value}(implementation, data);
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
/**
* @dev This is the interface that {BeaconProxy} expects of its beacon.
*/
interface IBeacon {
/**
* @dev Must return an address that can be used as a delegate call target.
*
* {BeaconProxy} will check that this address is a contract.
*/
function implementation() external view returns (address);
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
/**
* @dev This abstract contract provides a fallback function that delegates all calls to another contract using the EVM
* instruction `delegatecall`. We refer to the second contract as the _implementation_ behind the proxy, and it has to
* be specified by overriding the virtual {_implementation} function.
*
* Additionally, delegation to the implementation can be triggered manually through the {_fallback} function, or to a
* different contract through the {_delegate} function.
*
* The success and return data of the delegated call will be returned back to the caller of the proxy.
*/
abstract contract Proxy {
/**
* @dev Delegates the current call to `implementation`.
*
* This function does not return to its internall call site, it will return directly to the external caller.
*/
function _delegate(address implementation) internal virtual {
// solhint-disable-next-line no-inline-assembly
assembly {
// Copy msg.data. We take full control of memory in this inline assembly
// block because it will not return to Solidity code. We overwrite the
// Solidity scratch pad at memory position 0.
calldatacopy(0, 0, calldatasize())
// Call the implementation.
// out and outsize are 0 because we don't know the size yet.
let result := delegatecall(gas(), implementation, 0, calldatasize(), 0, 0)
// Copy the returned data.
returndatacopy(0, 0, returndatasize())
switch result
// delegatecall returns 0 on error.
case 0 { revert(0, returndatasize()) }
default { return(0, returndatasize()) }
}
}
/**
* @dev This is a virtual function that should be overriden so it returns the address to which the fallback function
* and {_fallback} should delegate.
*/
function _implementation() internal view virtual returns (address);
/**
* @dev Delegates the current call to the address returned by `_implementation()`.
*
* This function does not return to its internall call site, it will return directly to the external caller.
*/
function _fallback() internal virtual {
_beforeFallback();
_delegate(_implementation());
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if no other
* function in the contract matches the call data.
*/
fallback () external payable virtual {
_fallback();
}
/**
* @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if call data
* is empty.
*/
receive () external payable virtual {
_fallback();
}
/**
* @dev Hook that is called before falling back to the implementation. Can happen as part of a manual `_fallback`
* call, or as part of the Solidity `fallback` or `receive` functions.
*
* If overriden should call `super._beforeFallback()`.
*/
function _beforeFallback() internal virtual {
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.2;
import "../beacon/IBeacon.sol";
import "../../utils/Address.sol";
import "../../utils/StorageSlot.sol";
/**
* @dev This abstract contract provides getters and event emitting update functions for
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967] slots.
*
* _Available since v4.1._
*
* @custom:oz-upgrades-unsafe-allow delegatecall
*/
abstract contract ERC1967Upgrade {
// This is the keccak-256 hash of "eip1967.proxy.rollback" subtracted by 1
bytes32 private constant _ROLLBACK_SLOT = 0x4910fdfa16fed3260ed0e7147f7cc6da11a60208b5b9406d12a635614ffd9143;
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
/**
* @dev Emitted when the implementation is upgraded.
*/
event Upgraded(address indexed implementation);
/**
* @dev Returns the current implementation address.
*/
function _getImplementation() internal view returns (address) {
return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 implementation slot.
*/
function _setImplementation(address newImplementation) private {
require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
}
/**
* @dev Perform implementation upgrade
*
* Emits an {Upgraded} event.
*/
function _upgradeTo(address newImplementation) internal {
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
/**
* @dev Perform implementation upgrade with additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCall(address newImplementation, bytes memory data, bool forceCall) internal {
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
if (data.length > 0 || forceCall) {
Address.functionDelegateCall(newImplementation, data);
}
}
/**
* @dev Perform implementation upgrade with security checks for UUPS proxies, and additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCallSecure(address newImplementation, bytes memory data, bool forceCall) internal {
address oldImplementation = _getImplementation();
// Initial upgrade and setup call
_setImplementation(newImplementation);
if (data.length > 0 || forceCall) {
Address.functionDelegateCall(newImplementation, data);
}
// Perform rollback test if not already in progress
StorageSlot.BooleanSlot storage rollbackTesting = StorageSlot.getBooleanSlot(_ROLLBACK_SLOT);
if (!rollbackTesting.value) {
// Trigger rollback using upgradeTo from the new implementation
rollbackTesting.value = true;
Address.functionDelegateCall(
newImplementation,
abi.encodeWithSignature(
"upgradeTo(address)",
oldImplementation
)
);
rollbackTesting.value = false;
// Check rollback was effective
require(oldImplementation == _getImplementation(), "ERC1967Upgrade: upgrade breaks further upgrades");
// Finally reset to the new implementation and log the upgrade
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
}
/**
* @dev Perform beacon upgrade with additional setup call. Note: This upgrades the address of the beacon, it does
* not upgrade the implementation contained in the beacon (see {UpgradeableBeacon-_setImplementation} for that).
*
* Emits a {BeaconUpgraded} event.
*/
function _upgradeBeaconToAndCall(address newBeacon, bytes memory data, bool forceCall) internal {
_setBeacon(newBeacon);
emit BeaconUpgraded(newBeacon);
if (data.length > 0 || forceCall) {
Address.functionDelegateCall(IBeacon(newBeacon).implementation(), data);
}
}
/**
* @dev Storage slot with the admin of the contract.
* This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
/**
* @dev Emitted when the admin account has changed.
*/
event AdminChanged(address previousAdmin, address newAdmin);
/**
* @dev Returns the current admin.
*/
function _getAdmin() internal view returns (address) {
return StorageSlot.getAddressSlot(_ADMIN_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 admin slot.
*/
function _setAdmin(address newAdmin) private {
require(newAdmin != address(0), "ERC1967: new admin is the zero address");
StorageSlot.getAddressSlot(_ADMIN_SLOT).value = newAdmin;
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*/
function _changeAdmin(address newAdmin) internal {
emit AdminChanged(_getAdmin(), newAdmin);
_setAdmin(newAdmin);
}
/**
* @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.
* This is bytes32(uint256(keccak256('eip1967.proxy.beacon')) - 1)) and is validated in the constructor.
*/
bytes32 internal constant _BEACON_SLOT = 0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;
/**
* @dev Emitted when the beacon is upgraded.
*/
event BeaconUpgraded(address indexed beacon);
/**
* @dev Returns the current beacon.
*/
function _getBeacon() internal view returns (address) {
return StorageSlot.getAddressSlot(_BEACON_SLOT).value;
}
/**
* @dev Stores a new beacon in the EIP1967 beacon slot.
*/
function _setBeacon(address newBeacon) private {
require(
Address.isContract(newBeacon),
"ERC1967: new beacon is not a contract"
);
require(
Address.isContract(IBeacon(newBeacon).implementation()),
"ERC1967: beacon implementation is not a contract"
);
StorageSlot.getAddressSlot(_BEACON_SLOT).value = newBeacon;
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize, which returns 0 for contracts in
// construction, since the code is only stored at the end of the
// constructor execution.
uint256 size;
// solhint-disable-next-line no-inline-assembly
assembly { size := extcodesize(account) }
return size > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
// solhint-disable-next-line avoid-low-level-calls, avoid-call-value
(bool success, ) = recipient.call{ value: amount }("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain`call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCall(target, data, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value, string memory errorMessage) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
require(isContract(target), "Address: call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytes memory returndata) = target.call{ value: value }(data);
return _verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data, string memory errorMessage) internal view returns (bytes memory) {
require(isContract(target), "Address: static call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytes memory returndata) = target.staticcall(data);
return _verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) {
require(isContract(target), "Address: delegate call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytes memory returndata) = target.delegatecall(data);
return _verifyCallResult(success, returndata, errorMessage);
}
function _verifyCallResult(bool success, bytes memory returndata, string memory errorMessage) private pure returns(bytes memory) {
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
// solhint-disable-next-line no-inline-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC1967 implementation slot:
* ```
* contract ERC1967 {
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*
* _Available since v4.1 for `address`, `bool`, `bytes32`, and `uint256`._
*/
library StorageSlot {
struct AddressSlot {
address value;
}
struct BooleanSlot {
bool value;
}
struct Bytes32Slot {
bytes32 value;
}
struct Uint256Slot {
uint256 value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/
function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BooleanSlot` with member `value` located at `slot`.
*/
function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Bytes32Slot` with member `value` located at `slot`.
*/
function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Uint256Slot` with member `value` located at `slot`.
*/
function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {
assembly {
r.slot := slot
}
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
constructor () {
address msgSender = _msgSender();
_owner = msgSender;
emit OwnershipTransferred(address(0), msgSender);
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
_;
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
emit OwnershipTransferred(_owner, address(0));
_owner = address(0);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
emit OwnershipTransferred(_owner, newOwner);
_owner = newOwner;
}
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
/*
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691
return msg.data;
}
}
File 2 of 3: SSVNetworkUpgradeValidatorsPerOperator
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (access/Ownable2Step.sol)
pragma solidity ^0.8.0;
import "./OwnableUpgradeable.sol";
import {Initializable} from "../proxy/utils/Initializable.sol";
/**
* @dev Contract module which provides access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership} and {acceptOwnership}.
*
* This module is used through inheritance. It will make available all functions
* from parent (Ownable).
*/
abstract contract Ownable2StepUpgradeable is Initializable, OwnableUpgradeable {
address private _pendingOwner;
event OwnershipTransferStarted(address indexed previousOwner, address indexed newOwner);
function __Ownable2Step_init() internal onlyInitializing {
__Ownable_init_unchained();
}
function __Ownable2Step_init_unchained() internal onlyInitializing {
}
/**
* @dev Returns the address of the pending owner.
*/
function pendingOwner() public view virtual returns (address) {
return _pendingOwner;
}
/**
* @dev Starts the ownership transfer of the contract to a new account. Replaces the pending transfer if there is one.
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual override onlyOwner {
_pendingOwner = newOwner;
emit OwnershipTransferStarted(owner(), newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`) and deletes any pending owner.
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual override {
delete _pendingOwner;
super._transferOwnership(newOwner);
}
/**
* @dev The new owner accepts the ownership transfer.
*/
function acceptOwnership() public virtual {
address sender = _msgSender();
require(pendingOwner() == sender, "Ownable2Step: caller is not the new owner");
_transferOwnership(sender);
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[49] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (access/Ownable.sol)
pragma solidity ^0.8.0;
import "../utils/ContextUpgradeable.sol";
import {Initializable} from "../proxy/utils/Initializable.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract OwnableUpgradeable is Initializable, ContextUpgradeable {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
function __Ownable_init() internal onlyInitializing {
__Ownable_init_unchained();
}
function __Ownable_init_unchained() internal onlyInitializing {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[49] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (interfaces/draft-IERC1822.sol)
pragma solidity ^0.8.0;
/**
* @dev ERC1822: Universal Upgradeable Proxy Standard (UUPS) documents a method for upgradeability through a simplified
* proxy whose upgrades are fully controlled by the current implementation.
*/
interface IERC1822ProxiableUpgradeable {
/**
* @dev Returns the storage slot that the proxiable contract assumes is being used to store the implementation
* address.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy.
*/
function proxiableUUID() external view returns (bytes32);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (interfaces/IERC1967.sol)
pragma solidity ^0.8.0;
/**
* @dev ERC-1967: Proxy Storage Slots. This interface contains the events defined in the ERC.
*
* _Available since v4.8.3._
*/
interface IERC1967Upgradeable {
/**
* @dev Emitted when the implementation is upgraded.
*/
event Upgraded(address indexed implementation);
/**
* @dev Emitted when the admin account has changed.
*/
event AdminChanged(address previousAdmin, address newAdmin);
/**
* @dev Emitted when the beacon is changed.
*/
event BeaconUpgraded(address indexed beacon);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (proxy/beacon/IBeacon.sol)
pragma solidity ^0.8.0;
/**
* @dev This is the interface that {BeaconProxy} expects of its beacon.
*/
interface IBeaconUpgradeable {
/**
* @dev Must return an address that can be used as a delegate call target.
*
* {BeaconProxy} will check that this address is a contract.
*/
function implementation() external view returns (address);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (proxy/ERC1967/ERC1967Upgrade.sol)
pragma solidity ^0.8.2;
import "../beacon/IBeaconUpgradeable.sol";
import "../../interfaces/IERC1967Upgradeable.sol";
import "../../interfaces/draft-IERC1822Upgradeable.sol";
import "../../utils/AddressUpgradeable.sol";
import "../../utils/StorageSlotUpgradeable.sol";
import {Initializable} from "../utils/Initializable.sol";
/**
* @dev This abstract contract provides getters and event emitting update functions for
* https://eips.ethereum.org/EIPS/eip-1967[EIP1967] slots.
*
* _Available since v4.1._
*/
abstract contract ERC1967UpgradeUpgradeable is Initializable, IERC1967Upgradeable {
// This is the keccak-256 hash of "eip1967.proxy.rollback" subtracted by 1
bytes32 private constant _ROLLBACK_SLOT = 0x4910fdfa16fed3260ed0e7147f7cc6da11a60208b5b9406d12a635614ffd9143;
/**
* @dev Storage slot with the address of the current implementation.
* This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
function __ERC1967Upgrade_init() internal onlyInitializing {
}
function __ERC1967Upgrade_init_unchained() internal onlyInitializing {
}
/**
* @dev Returns the current implementation address.
*/
function _getImplementation() internal view returns (address) {
return StorageSlotUpgradeable.getAddressSlot(_IMPLEMENTATION_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 implementation slot.
*/
function _setImplementation(address newImplementation) private {
require(AddressUpgradeable.isContract(newImplementation), "ERC1967: new implementation is not a contract");
StorageSlotUpgradeable.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
}
/**
* @dev Perform implementation upgrade
*
* Emits an {Upgraded} event.
*/
function _upgradeTo(address newImplementation) internal {
_setImplementation(newImplementation);
emit Upgraded(newImplementation);
}
/**
* @dev Perform implementation upgrade with additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCall(address newImplementation, bytes memory data, bool forceCall) internal {
_upgradeTo(newImplementation);
if (data.length > 0 || forceCall) {
AddressUpgradeable.functionDelegateCall(newImplementation, data);
}
}
/**
* @dev Perform implementation upgrade with security checks for UUPS proxies, and additional setup call.
*
* Emits an {Upgraded} event.
*/
function _upgradeToAndCallUUPS(address newImplementation, bytes memory data, bool forceCall) internal {
// Upgrades from old implementations will perform a rollback test. This test requires the new
// implementation to upgrade back to the old, non-ERC1822 compliant, implementation. Removing
// this special case will break upgrade paths from old UUPS implementation to new ones.
if (StorageSlotUpgradeable.getBooleanSlot(_ROLLBACK_SLOT).value) {
_setImplementation(newImplementation);
} else {
try IERC1822ProxiableUpgradeable(newImplementation).proxiableUUID() returns (bytes32 slot) {
require(slot == _IMPLEMENTATION_SLOT, "ERC1967Upgrade: unsupported proxiableUUID");
} catch {
revert("ERC1967Upgrade: new implementation is not UUPS");
}
_upgradeToAndCall(newImplementation, data, forceCall);
}
}
/**
* @dev Storage slot with the admin of the contract.
* This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1, and is
* validated in the constructor.
*/
bytes32 internal constant _ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
/**
* @dev Returns the current admin.
*/
function _getAdmin() internal view returns (address) {
return StorageSlotUpgradeable.getAddressSlot(_ADMIN_SLOT).value;
}
/**
* @dev Stores a new address in the EIP1967 admin slot.
*/
function _setAdmin(address newAdmin) private {
require(newAdmin != address(0), "ERC1967: new admin is the zero address");
StorageSlotUpgradeable.getAddressSlot(_ADMIN_SLOT).value = newAdmin;
}
/**
* @dev Changes the admin of the proxy.
*
* Emits an {AdminChanged} event.
*/
function _changeAdmin(address newAdmin) internal {
emit AdminChanged(_getAdmin(), newAdmin);
_setAdmin(newAdmin);
}
/**
* @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.
* This is bytes32(uint256(keccak256('eip1967.proxy.beacon')) - 1)) and is validated in the constructor.
*/
bytes32 internal constant _BEACON_SLOT = 0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;
/**
* @dev Returns the current beacon.
*/
function _getBeacon() internal view returns (address) {
return StorageSlotUpgradeable.getAddressSlot(_BEACON_SLOT).value;
}
/**
* @dev Stores a new beacon in the EIP1967 beacon slot.
*/
function _setBeacon(address newBeacon) private {
require(AddressUpgradeable.isContract(newBeacon), "ERC1967: new beacon is not a contract");
require(
AddressUpgradeable.isContract(IBeaconUpgradeable(newBeacon).implementation()),
"ERC1967: beacon implementation is not a contract"
);
StorageSlotUpgradeable.getAddressSlot(_BEACON_SLOT).value = newBeacon;
}
/**
* @dev Perform beacon upgrade with additional setup call. Note: This upgrades the address of the beacon, it does
* not upgrade the implementation contained in the beacon (see {UpgradeableBeacon-_setImplementation} for that).
*
* Emits a {BeaconUpgraded} event.
*/
function _upgradeBeaconToAndCall(address newBeacon, bytes memory data, bool forceCall) internal {
_setBeacon(newBeacon);
emit BeaconUpgraded(newBeacon);
if (data.length > 0 || forceCall) {
AddressUpgradeable.functionDelegateCall(IBeaconUpgradeable(newBeacon).implementation(), data);
}
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[50] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (proxy/utils/Initializable.sol)
pragma solidity ^0.8.2;
import "../../utils/AddressUpgradeable.sol";
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```solidity
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
*
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/
abstract contract Initializable {
/**
* @dev Indicates that the contract has been initialized.
* @custom:oz-retyped-from bool
*/
uint8 private _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool private _initializing;
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/
event Initialized(uint8 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts.
*
* Similar to `reinitializer(1)`, except that functions marked with `initializer` can be nested in the context of a
* constructor.
*
* Emits an {Initialized} event.
*/
modifier initializer() {
bool isTopLevelCall = !_initializing;
require(
(isTopLevelCall && _initialized < 1) || (!AddressUpgradeable.isContract(address(this)) && _initialized == 1),
"Initializable: contract is already initialized"
);
_initialized = 1;
if (isTopLevelCall) {
_initializing = true;
}
_;
if (isTopLevelCall) {
_initializing = false;
emit Initialized(1);
}
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* A reinitializer may be used after the original initialization step. This is essential to configure modules that
* are added through upgrades and that require initialization.
*
* When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
* cannot be nested. If one is invoked in the context of another, execution will revert.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*
* WARNING: setting the version to 255 will prevent any future reinitialization.
*
* Emits an {Initialized} event.
*/
modifier reinitializer(uint8 version) {
require(!_initializing && _initialized < version, "Initializable: contract is already initialized");
_initialized = version;
_initializing = true;
_;
_initializing = false;
emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/
modifier onlyInitializing() {
require(_initializing, "Initializable: contract is not initializing");
_;
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*
* Emits an {Initialized} event the first time it is successfully executed.
*/
function _disableInitializers() internal virtual {
require(!_initializing, "Initializable: contract is initializing");
if (_initialized != type(uint8).max) {
_initialized = type(uint8).max;
emit Initialized(type(uint8).max);
}
}
/**
* @dev Returns the highest version that has been initialized. See {reinitializer}.
*/
function _getInitializedVersion() internal view returns (uint8) {
return _initialized;
}
/**
* @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.
*/
function _isInitializing() internal view returns (bool) {
return _initializing;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (proxy/utils/UUPSUpgradeable.sol)
pragma solidity ^0.8.0;
import "../../interfaces/draft-IERC1822Upgradeable.sol";
import "../ERC1967/ERC1967UpgradeUpgradeable.sol";
import {Initializable} from "./Initializable.sol";
/**
* @dev An upgradeability mechanism designed for UUPS proxies. The functions included here can perform an upgrade of an
* {ERC1967Proxy}, when this contract is set as the implementation behind such a proxy.
*
* A security mechanism ensures that an upgrade does not turn off upgradeability accidentally, although this risk is
* reinstated if the upgrade retains upgradeability but removes the security mechanism, e.g. by replacing
* `UUPSUpgradeable` with a custom implementation of upgrades.
*
* The {_authorizeUpgrade} function must be overridden to include access restriction to the upgrade mechanism.
*
* _Available since v4.1._
*/
abstract contract UUPSUpgradeable is Initializable, IERC1822ProxiableUpgradeable, ERC1967UpgradeUpgradeable {
/// @custom:oz-upgrades-unsafe-allow state-variable-immutable state-variable-assignment
address private immutable __self = address(this);
/**
* @dev Check that the execution is being performed through a delegatecall call and that the execution context is
* a proxy contract with an implementation (as defined in ERC1967) pointing to self. This should only be the case
* for UUPS and transparent proxies that are using the current contract as their implementation. Execution of a
* function through ERC1167 minimal proxies (clones) would not normally pass this test, but is not guaranteed to
* fail.
*/
modifier onlyProxy() {
require(address(this) != __self, "Function must be called through delegatecall");
require(_getImplementation() == __self, "Function must be called through active proxy");
_;
}
/**
* @dev Check that the execution is not being performed through a delegate call. This allows a function to be
* callable on the implementing contract but not through proxies.
*/
modifier notDelegated() {
require(address(this) == __self, "UUPSUpgradeable: must not be called through delegatecall");
_;
}
function __UUPSUpgradeable_init() internal onlyInitializing {
}
function __UUPSUpgradeable_init_unchained() internal onlyInitializing {
}
/**
* @dev Implementation of the ERC1822 {proxiableUUID} function. This returns the storage slot used by the
* implementation. It is used to validate the implementation's compatibility when performing an upgrade.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy. This is guaranteed by the `notDelegated` modifier.
*/
function proxiableUUID() external view virtual override notDelegated returns (bytes32) {
return _IMPLEMENTATION_SLOT;
}
/**
* @dev Upgrade the implementation of the proxy to `newImplementation`.
*
* Calls {_authorizeUpgrade}.
*
* Emits an {Upgraded} event.
*
* @custom:oz-upgrades-unsafe-allow-reachable delegatecall
*/
function upgradeTo(address newImplementation) public virtual onlyProxy {
_authorizeUpgrade(newImplementation);
_upgradeToAndCallUUPS(newImplementation, new bytes(0), false);
}
/**
* @dev Upgrade the implementation of the proxy to `newImplementation`, and subsequently execute the function call
* encoded in `data`.
*
* Calls {_authorizeUpgrade}.
*
* Emits an {Upgraded} event.
*
* @custom:oz-upgrades-unsafe-allow-reachable delegatecall
*/
function upgradeToAndCall(address newImplementation, bytes memory data) public payable virtual onlyProxy {
_authorizeUpgrade(newImplementation);
_upgradeToAndCallUUPS(newImplementation, data, true);
}
/**
* @dev Function that should revert when `msg.sender` is not authorized to upgrade the contract. Called by
* {upgradeTo} and {upgradeToAndCall}.
*
* Normally, this function will use an xref:access.adoc[access control] modifier such as {Ownable-onlyOwner}.
*
* ```solidity
* function _authorizeUpgrade(address) internal override onlyOwner {}
* ```
*/
function _authorizeUpgrade(address newImplementation) internal virtual;
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[50] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library AddressUpgradeable {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
*
* Furthermore, `isContract` will also return true if the target contract within
* the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
* which only has an effect at the end of a transaction.
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.4) (utils/Context.sol)
pragma solidity ^0.8.0;
import {Initializable} from "../proxy/utils/Initializable.sol";
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract ContextUpgradeable is Initializable {
function __Context_init() internal onlyInitializing {
}
function __Context_init_unchained() internal onlyInitializing {
}
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
function _contextSuffixLength() internal view virtual returns (uint256) {
return 0;
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[50] private __gap;
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/StorageSlot.sol)
// This file was procedurally generated from scripts/generate/templates/StorageSlot.js.
pragma solidity ^0.8.0;
/**
* @dev Library for reading and writing primitive types to specific storage slots.
*
* Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
* This library helps with reading and writing to such slots without the need for inline assembly.
*
* The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
*
* Example usage to set ERC1967 implementation slot:
* ```solidity
* contract ERC1967 {
* bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
*
* function _getImplementation() internal view returns (address) {
* return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
* }
*
* function _setImplementation(address newImplementation) internal {
* require(Address.isContract(newImplementation), "ERC1967: new implementation is not a contract");
* StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
* }
* }
* ```
*
* _Available since v4.1 for `address`, `bool`, `bytes32`, `uint256`._
* _Available since v4.9 for `string`, `bytes`._
*/
library StorageSlotUpgradeable {
struct AddressSlot {
address value;
}
struct BooleanSlot {
bool value;
}
struct Bytes32Slot {
bytes32 value;
}
struct Uint256Slot {
uint256 value;
}
struct StringSlot {
string value;
}
struct BytesSlot {
bytes value;
}
/**
* @dev Returns an `AddressSlot` with member `value` located at `slot`.
*/
function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BooleanSlot` with member `value` located at `slot`.
*/
function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Bytes32Slot` with member `value` located at `slot`.
*/
function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `Uint256Slot` with member `value` located at `slot`.
*/
function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` with member `value` located at `slot`.
*/
function getStringSlot(bytes32 slot) internal pure returns (StringSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `StringSlot` representation of the string storage pointer `store`.
*/
function getStringSlot(string storage store) internal pure returns (StringSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := store.slot
}
}
/**
* @dev Returns an `BytesSlot` with member `value` located at `slot`.
*/
function getBytesSlot(bytes32 slot) internal pure returns (BytesSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := slot
}
}
/**
* @dev Returns an `BytesSlot` representation of the bytes storage pointer `store`.
*/
function getBytesSlot(bytes storage store) internal pure returns (BytesSlot storage r) {
/// @solidity memory-safe-assembly
assembly {
r.slot := store.slot
}
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 amount) external returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Counters.sol)
pragma solidity ^0.8.0;
/**
* @title Counters
* @author Matt Condon (@shrugs)
* @dev Provides counters that can only be incremented, decremented or reset. This can be used e.g. to track the number
* of elements in a mapping, issuing ERC721 ids, or counting request ids.
*
* Include with `using Counters for Counters.Counter;`
*/
library Counters {
struct Counter {
// This variable should never be directly accessed by users of the library: interactions must be restricted to
// the library's function. As of Solidity v0.5.2, this cannot be enforced, though there is a proposal to add
// this feature: see https://github.com/ethereum/solidity/issues/4637
uint256 _value; // default: 0
}
function current(Counter storage counter) internal view returns (uint256) {
return counter._value;
}
function increment(Counter storage counter) internal {
unchecked {
counter._value += 1;
}
}
function decrement(Counter storage counter) internal {
uint256 value = counter._value;
require(value > 0, "Counter: decrement overflow");
unchecked {
counter._value = value - 1;
}
}
function reset(Counter storage counter) internal {
counter._value = 0;
}
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity ^0.8.20;
interface ISSVWhitelistingContract {
/// @notice Checks if the caller is whitelisted
/// @param account The account that is being checked for whitelisting
/// @param operatorId The SSV Operator Id which is being checked
function isWhitelisted(address account, uint256 operatorId) external view returns (bool);
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity ^0.8.20;
import {ISSVNetworkCore} from "./ISSVNetworkCore.sol";
interface ISSVClusters is ISSVNetworkCore {
/// @notice Registers a new validator on the SSV Network
/// @param publicKey The public key of the new validator
/// @param operatorIds Array of IDs of operators managing this validator
/// @param sharesData Encrypted shares related to the new validator
/// @param amount Amount of SSV tokens to be deposited
/// @param cluster Cluster to be used with the new validator
function registerValidator(
bytes calldata publicKey,
uint64[] memory operatorIds,
bytes calldata sharesData,
uint256 amount,
Cluster memory cluster
) external;
/// @notice Registers new validators on the SSV Network
/// @param publicKeys The public keys of the new validators
/// @param operatorIds Array of IDs of operators managing this validator
/// @param sharesData Encrypted shares related to the new validators
/// @param amount Amount of SSV tokens to be deposited
/// @param cluster Cluster to be used with the new validator
function bulkRegisterValidator(
bytes[] calldata publicKeys,
uint64[] memory operatorIds,
bytes[] calldata sharesData,
uint256 amount,
Cluster memory cluster
) external;
/// @notice Removes an existing validator from the SSV Network
/// @param publicKey The public key of the validator to be removed
/// @param operatorIds Array of IDs of operators managing the validator
/// @param cluster Cluster associated with the validator
function removeValidator(bytes calldata publicKey, uint64[] memory operatorIds, Cluster memory cluster) external;
/// @notice Bulk removes a set of existing validators in the same cluster from the SSV Network
/// @notice Reverts if publicKeys contains duplicates or non-existent validators
/// @param publicKeys The public keys of the validators to be removed
/// @param operatorIds Array of IDs of operators managing the validator
/// @param cluster Cluster associated with the validator
function bulkRemoveValidator(
bytes[] calldata publicKeys,
uint64[] memory operatorIds,
Cluster memory cluster
) external;
/**************************/
/* Cluster External Functions */
/**************************/
/// @notice Liquidates a cluster
/// @param owner The owner of the cluster
/// @param operatorIds Array of IDs of operators managing the cluster
/// @param cluster Cluster to be liquidated
function liquidate(address owner, uint64[] memory operatorIds, Cluster memory cluster) external;
/// @notice Reactivates a cluster
/// @param operatorIds Array of IDs of operators managing the cluster
/// @param amount Amount of SSV tokens to be deposited for reactivation
/// @param cluster Cluster to be reactivated
function reactivate(uint64[] memory operatorIds, uint256 amount, Cluster memory cluster) external;
/******************************/
/* Balance External Functions */
/******************************/
/// @notice Deposits tokens into a cluster
/// @param owner The owner of the cluster
/// @param operatorIds Array of IDs of operators managing the cluster
/// @param amount Amount of SSV tokens to be deposited
/// @param cluster Cluster where the deposit will be made
function deposit(address owner, uint64[] memory operatorIds, uint256 amount, Cluster memory cluster) external;
/// @notice Withdraws tokens from a cluster
/// @param operatorIds Array of IDs of operators managing the cluster
/// @param tokenAmount Amount of SSV tokens to be withdrawn
/// @param cluster Cluster where the withdrawal will be made
function withdraw(uint64[] memory operatorIds, uint256 tokenAmount, Cluster memory cluster) external;
/// @notice Fires the exit event for a validator
/// @param publicKey The public key of the validator to be exited
/// @param operatorIds Array of IDs of operators managing the validator
function exitValidator(bytes calldata publicKey, uint64[] calldata operatorIds) external;
/// @notice Fires the exit event for a set of validators
/// @param publicKeys The public keys of the validators to be exited
/// @param operatorIds Array of IDs of operators managing the validators
function bulkExitValidator(bytes[] calldata publicKeys, uint64[] calldata operatorIds) external;
/**
* @dev Emitted when the validator has been added.
* @param publicKey The public key of a validator.
* @param operatorIds The operator ids list.
* @param shares snappy compressed shares(a set of encrypted and public shares).
* @param cluster All the cluster data.
*/
event ValidatorAdded(address indexed owner, uint64[] operatorIds, bytes publicKey, bytes shares, Cluster cluster);
/**
* @dev Emitted when the validator is removed.
* @param publicKey The public key of a validator.
* @param operatorIds The operator ids list.
* @param cluster All the cluster data.
*/
event ValidatorRemoved(address indexed owner, uint64[] operatorIds, bytes publicKey, Cluster cluster);
/**
* @dev Emitted when a cluster is liquidated.
* @param owner The owner of the liquidated cluster.
* @param operatorIds The operator IDs managing the cluster.
* @param cluster The liquidated cluster data.
*/
event ClusterLiquidated(address indexed owner, uint64[] operatorIds, Cluster cluster);
/**
* @dev Emitted when a cluster is reactivated.
* @param owner The owner of the reactivated cluster.
* @param operatorIds The operator IDs managing the cluster.
* @param cluster The reactivated cluster data.
*/
event ClusterReactivated(address indexed owner, uint64[] operatorIds, Cluster cluster);
/**
* @dev Emitted when tokens are withdrawn from a cluster.
* @param owner The owner of the cluster.
* @param operatorIds The operator IDs managing the cluster.
* @param value The amount of tokens withdrawn.
* @param cluster The cluster from which tokens were withdrawn.
*/
event ClusterWithdrawn(address indexed owner, uint64[] operatorIds, uint256 value, Cluster cluster);
/**
* @dev Emitted when tokens are deposited into a cluster.
* @param owner The owner of the cluster.
* @param operatorIds The operator IDs managing the cluster.
* @param value The amount of SSV tokens deposited.
* @param cluster The cluster into which SSV tokens were deposited.
*/
event ClusterDeposited(address indexed owner, uint64[] operatorIds, uint256 value, Cluster cluster);
/**
* @dev Emitted when a validator begins the exit process.
* @param owner The owner of the exiting validator.
* @param operatorIds The operator IDs managing the validator.
* @param publicKey The public key of the exiting validator.
*/
event ValidatorExited(address indexed owner, uint64[] operatorIds, bytes publicKey);
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity ^0.8.20;
import {ISSVNetworkCore} from "./ISSVNetworkCore.sol";
interface ISSVDAO is ISSVNetworkCore {
/// @notice Updates the network fee
/// @param fee The new network fee (SSV) to be set
function updateNetworkFee(uint256 fee) external;
/// @notice Withdraws network earnings
/// @param amount The amount (SSV) to be withdrawn
function withdrawNetworkEarnings(uint256 amount) external;
/// @notice Updates the limit on the percentage increase in operator fees
/// @param percentage The new percentage limit
function updateOperatorFeeIncreaseLimit(uint64 percentage) external;
/// @notice Updates the period for declaring operator fees
/// @param timeInSeconds The new period in seconds
function updateDeclareOperatorFeePeriod(uint64 timeInSeconds) external;
/// @notice Updates the period for executing operator fees
/// @param timeInSeconds The new period in seconds
function updateExecuteOperatorFeePeriod(uint64 timeInSeconds) external;
/// @notice Updates the liquidation threshold period
/// @param blocks The new liquidation threshold in blocks
function updateLiquidationThresholdPeriod(uint64 blocks) external;
/// @notice Updates the minimum collateral required to prevent liquidation
/// @param amount The new minimum collateral amount (SSV)
function updateMinimumLiquidationCollateral(uint256 amount) external;
/// @notice Updates the maximum fee an operator that uses SSV token can set
/// @param maxFee The new maximum fee (SSV)
function updateMaximumOperatorFee(uint64 maxFee) external;
event OperatorFeeIncreaseLimitUpdated(uint64 value);
event DeclareOperatorFeePeriodUpdated(uint64 value);
event ExecuteOperatorFeePeriodUpdated(uint64 value);
event LiquidationThresholdPeriodUpdated(uint64 value);
event MinimumLiquidationCollateralUpdated(uint256 value);
/**
* @dev Emitted when the network fee is updated.
* @param oldFee The old fee
* @param newFee The new fee
*/
event NetworkFeeUpdated(uint256 oldFee, uint256 newFee);
/**
* @dev Emitted when transfer fees are withdrawn.
* @param value The amount of tokens withdrawn.
* @param recipient The recipient address.
*/
event NetworkEarningsWithdrawn(uint256 value, address recipient);
event OperatorMaximumFeeUpdated(uint64 maxFee);
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity ^0.8.20;
import {ISSVNetworkCore} from "./ISSVNetworkCore.sol";
import {ISSVOperators} from "./ISSVOperators.sol";
import {ISSVClusters} from "./ISSVClusters.sol";
import {ISSVDAO} from "./ISSVDAO.sol";
import {ISSVViews} from "./ISSVViews.sol";
import {SSVModules} from "../libraries/SSVStorage.sol";
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
interface ISSVNetwork {
function initialize(
IERC20 token_,
ISSVOperators ssvOperators_,
ISSVClusters ssvClusters_,
ISSVDAO ssvDAO_,
ISSVViews ssvViews_,
uint64 minimumBlocksBeforeLiquidation_,
uint256 minimumLiquidationCollateral_,
uint32 validatorsPerOperatorLimit_,
uint64 declareOperatorFeePeriod_,
uint64 executeOperatorFeePeriod_,
uint64 operatorMaxFeeIncrease_
) external;
function getVersion() external pure returns (string memory version);
function setFeeRecipientAddress(address feeRecipientAddress) external;
function updateModule(SSVModules moduleId, address moduleAddress) external;
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity ^0.8.20;
interface ISSVNetworkCore {
/***********/
/* Structs */
/***********/
/// @notice Represents a snapshot of an operator's or a DAO's state at a certain block
struct Snapshot {
/// @dev The block number when the snapshot was taken
uint32 block;
/// @dev The last index calculated by the formula index += (currentBlock - block) * fee
uint64 index;
/// @dev Total accumulated earnings calculated by the formula accumulated + lastIndex * validatorCount
uint64 balance;
}
/// @notice Represents an SSV operator
struct Operator {
/// @dev The number of validators associated with this operator
uint32 validatorCount;
/// @dev The fee charged by the operator, set to zero for private operators and cannot be increased once set
uint64 fee;
/// @dev The address of the operator's owner
address owner;
/// @dev private flag for this operator
bool whitelisted;
/// @dev The state snapshot of the operator
Snapshot snapshot;
}
/// @notice Represents a request to change an operator's fee
struct OperatorFeeChangeRequest {
/// @dev The new fee proposed by the operator
uint64 fee;
/// @dev The time when the approval period for the fee change begins
uint64 approvalBeginTime;
/// @dev The time when the approval period for the fee change ends
uint64 approvalEndTime;
}
/// @notice Represents a cluster of validators
struct Cluster {
/// @dev The number of validators in the cluster
uint32 validatorCount;
/// @dev The index of network fees related to this cluster
uint64 networkFeeIndex;
/// @dev The last index calculated for the cluster
uint64 index;
/// @dev Flag indicating whether the cluster is active
bool active;
/// @dev The balance of the cluster
uint256 balance;
}
/**********/
/* Errors */
/**********/
error CallerNotOwnerWithData(address caller, address owner); // 0x163678e9
error CallerNotWhitelistedWithData(uint64 operatorId); // 0xb7f529fe
error FeeTooLow(); // 0x732f9413
error FeeExceedsIncreaseLimit(); // 0x958065d9
error NoFeeDeclared(); // 0x1d226c30
error ApprovalNotWithinTimeframe(); // 0x97e4b518
error OperatorDoesNotExist(); // 0x961e3e8c
error InsufficientBalance(); // 0xf4d678b8
error ValidatorDoesNotExist(); // 0xe51315d2
error ClusterNotLiquidatable(); // 0x60300a8d
error InvalidPublicKeyLength(); // 0x637297a4
error InvalidOperatorIdsLength(); // 0x38186224
error ClusterAlreadyEnabled(); // 0x3babafd2
error ClusterIsLiquidated(); // 0x95a0cf33
error ClusterDoesNotExists(); // 0x185e2b16
error IncorrectClusterState(); // 0x12e04c87
error UnsortedOperatorsList(); // 0xdd020e25
error NewBlockPeriodIsBelowMinimum(); // 0x6e6c9cac
error ExceedValidatorLimitWithData(uint64 operatorId); // 0x8ddf7de4
error TokenTransferFailed(); // 0x045c4b02
error SameFeeChangeNotAllowed(); // 0xc81272f8
error FeeIncreaseNotAllowed(); // 0x410a2b6c
error NotAuthorized(); // 0xea8e4eb5
error OperatorsListNotUnique(); // 0xa5a1ff5d
error OperatorAlreadyExists(); // 0x289c9494
error TargetModuleDoesNotExistWithData(uint8 moduleId); // 0x208bb85d
error MaxValueExceeded(); // 0x91aa3017
error FeeTooHigh(); // 0xcd4e6167
error PublicKeysSharesLengthMismatch(); // 0x9ad467b8
error IncorrectValidatorStateWithData(bytes publicKey); // 0x89307938
error ValidatorAlreadyExistsWithData(bytes publicKey); // 0x388e7999
error EmptyPublicKeysList(); // df83e679
error InvalidContractAddress(); // 0xa710429d
error AddressIsWhitelistingContract(address contractAddress); // 0x71cadba7
error InvalidWhitelistingContract(address contractAddress); // 0x886e6a03
error InvalidWhitelistAddressesLength(); // 0xcbb362dc
error ZeroAddressNotAllowed(); // 0x8579befe
// legacy errors
error ValidatorAlreadyExists(); // 0x8d09a73e
error IncorrectValidatorState(); // 0x2feda3c1
error ExceedValidatorLimit(uint64 operatorId); // 0x6df5ab76
error CallerNotOwner(); // 0x5cd83192
error TargetModuleDoesNotExist(); // 0x8f9195fb
error CallerNotWhitelisted(); // 0x8c6e5d71
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity ^0.8.20;
import {ISSVNetworkCore} from "./ISSVNetworkCore.sol";
interface ISSVOperators is ISSVNetworkCore {
/// @notice Registers a new operator
/// @param publicKey The public key of the operator
/// @param fee The operator's fee (SSV)
/// @param setPrivate Flag indicating whether the operator should be set as private or not
function registerOperator(bytes calldata publicKey, uint256 fee, bool setPrivate) external returns (uint64);
/// @notice Removes an existing operator
/// @param operatorId The ID of the operator to be removed
function removeOperator(uint64 operatorId) external;
/// @notice Declares the operator's fee
/// @param operatorId The ID of the operator
/// @param fee The fee to be declared (SSV)
function declareOperatorFee(uint64 operatorId, uint256 fee) external;
/// @notice Executes the operator's fee
/// @param operatorId The ID of the operator
function executeOperatorFee(uint64 operatorId) external;
/// @notice Cancels the declared operator's fee
/// @param operatorId The ID of the operator
function cancelDeclaredOperatorFee(uint64 operatorId) external;
/// @notice Reduces the operator's fee
/// @param operatorId The ID of the operator
/// @param fee The new Operator's fee (SSV)
function reduceOperatorFee(uint64 operatorId, uint256 fee) external;
/// @notice Withdraws operator earnings
/// @param operatorId The ID of the operator
/// @param tokenAmount The amount of tokens to withdraw (SSV)
function withdrawOperatorEarnings(uint64 operatorId, uint256 tokenAmount) external;
/// @notice Withdraws all operator earnings
/// @param operatorId The ID of the operator
function withdrawAllOperatorEarnings(uint64 operatorId) external;
/// @notice Set the list of operators as private without checking for any whitelisting address
/// @notice The operators are considered private when registering validators
/// @param operatorIds The operator IDs to set as private
function setOperatorsPrivateUnchecked(uint64[] calldata operatorIds) external;
/// @notice Set the list of operators as public without removing any whitelisting address
/// @notice The operators still keep its adresses whitelisted (external contract or EOAs/generic contracts)
/// @notice The operators are considered public when registering validators
/// @param operatorIds The operator IDs to set as public
function setOperatorsPublicUnchecked(uint64[] calldata operatorIds) external;
/**
* @dev Emitted when a new operator has been added.
* @param operatorId operator's ID.
* @param owner Operator's ethereum address that can collect fees.
* @param publicKey Operator's public key. Will be used to encrypt secret shares of validators keys.
* @param fee Operator's fee.
*/
event OperatorAdded(uint64 indexed operatorId, address indexed owner, bytes publicKey, uint256 fee);
/**
* @dev Emitted when operator has been removed.
* @param operatorId operator's ID.
*/
event OperatorRemoved(uint64 indexed operatorId);
event OperatorFeeDeclared(address indexed owner, uint64 indexed operatorId, uint256 blockNumber, uint256 fee);
event OperatorFeeDeclarationCancelled(address indexed owner, uint64 indexed operatorId);
/**
* @dev Emitted when an operator's fee is updated.
* @param owner Operator's owner.
* @param blockNumber from which block number.
* @param fee updated fee value.
*/
event OperatorFeeExecuted(address indexed owner, uint64 indexed operatorId, uint256 blockNumber, uint256 fee);
event OperatorWithdrawn(address indexed owner, uint64 indexed operatorId, uint256 value);
event FeeRecipientAddressUpdated(address indexed owner, address recipientAddress);
/**
* @dev Emitted when the operators changed its privacy status
* @param operatorIds operators' IDs.
* @param toPrivate Flag that indicates if the operators are being set to private (true) or public (false).
*/
event OperatorPrivacyStatusUpdated(uint64[] operatorIds, bool toPrivate);
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity ^0.8.20;
import {ISSVNetworkCore} from "./ISSVNetworkCore.sol";
import {ISSVWhitelistingContract} from "./external/ISSVWhitelistingContract.sol";
interface ISSVOperatorsWhitelist is ISSVNetworkCore {
/// @notice Sets a list of whitelisted addresses (EOAs or generic contracts) for a list of operators
/// @notice Changes to an operator's whitelist will not impact existing validators registered with that operator
/// @notice Only new validator registrations will adhere to the updated whitelist rules
/// @param operatorIds The operator IDs to set the whitelists for
/// @param whitelistAddresses The list of addresses to be whitelisted
function setOperatorsWhitelists(uint64[] calldata operatorIds, address[] calldata whitelistAddresses) external;
/// @notice Removes a list of whitelisted addresses (EOAs or generic contracts) for a list of operators
/// @param operatorIds Operator IDs for which whitelists are removed
/// @param whitelistAddresses List of addresses to be removed from the whitelist
function removeOperatorsWhitelists(uint64[] calldata operatorIds, address[] calldata whitelistAddresses) external;
/// @notice Sets a whitelisting contract for a list of operators
/// @param operatorIds The operator IDs to set the whitelisting contract for
/// @param whitelistingContract The address of a whitelisting contract
function setOperatorsWhitelistingContract(
uint64[] calldata operatorIds,
ISSVWhitelistingContract whitelistingContract
) external;
/// @notice Removes the whitelisting contract set for a list of operators
/// @param operatorIds The operator IDs to remove the whitelisting contract for
function removeOperatorsWhitelistingContract(uint64[] calldata operatorIds) external;
/**
* @dev Emitted when a list of adresses are whitelisted for a set of operators.
* @param operatorIds operators' IDs.
* @param whitelistAddresses operators' new whitelist addresses (EOAs or generic contracts).
*/
event OperatorMultipleWhitelistUpdated(uint64[] operatorIds, address[] whitelistAddresses);
/**
* @dev Emitted when a list of adresses are de-whitelisted for a set of operators.
* @param operatorIds operators' IDs.
* @param whitelistAddresses operators' list of whitelist addresses to be removed (EOAs or generic contracts).
*/
event OperatorMultipleWhitelistRemoved(uint64[] operatorIds, address[] whitelistAddresses);
/**
* @dev Emitted when the whitelisting contract of an operator is updated.
* @param operatorIds operators' IDs.
* @param whitelistingContract operators' new whitelisting contract address.
*/
event OperatorWhitelistingContractUpdated(uint64[] operatorIds, address whitelistingContract);
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity ^0.8.20;
import {ISSVNetworkCore} from "./ISSVNetworkCore.sol";
interface ISSVViews is ISSVNetworkCore {
/// @notice Gets the validator status
/// @param owner The address of the validator's owner
/// @param publicKey The public key of the validator
/// @return active A boolean indicating if the validator is active. If it does not exist, returns false.
function getValidator(address owner, bytes calldata publicKey) external view returns (bool);
/// @notice Gets the operator fee
/// @param operatorId The ID of the operator
/// @return fee The fee associated with the operator (SSV). If the operator does not exist, the returned value is 0.
function getOperatorFee(uint64 operatorId) external view returns (uint256 fee);
/// @notice Gets the declared operator fee
/// @param operatorId The ID of the operator
/// @return isFeeDeclared A boolean indicating if the fee is declared
/// @return fee The declared operator fee (SSV)
/// @return approvalBeginTime The time when the fee approval process begins
/// @return approvalEndTime The time when the fee approval process ends
function getOperatorDeclaredFee(
uint64 operatorId
) external view returns (bool isFeeDeclared, uint256 fee, uint64 approvalBeginTime, uint64 approvalEndTime);
/// @notice Gets operator details by ID
/// @param operatorId The ID of the operator
/// @return owner The owner of the operator
/// @return fee The fee associated with the operator (SSV)
/// @return validatorCount The count of validators associated with the operator
/// @return whitelistedAddress The whitelisted address of the operator. It can be and EOA or generic contract (legacy) or a whitelisting contract
/// @return isPrivate A boolean indicating if the operator is private (uses whitelisting contract or SSV Whitelisting module)
/// @return active A boolean indicating if the operator is active
function getOperatorById(
uint64 operatorId
)
external
view
returns (
address owner,
uint256 fee,
uint32 validatorCount,
address whitelistedAddress,
bool isPrivate,
bool active
);
/// @notice Gets the list of operators that have the given whitelisted address (EOA or generic contract)
/// @param operatorIds The list of operator IDs to check
/// @param whitelistedAddress The address whitelisted for the operators
/// @return whitelistedOperatorIds The list of operator IDs that have the given whitelisted address
function getWhitelistedOperators(
uint64[] calldata operatorIds,
address whitelistedAddress
) external view returns (uint64[] memory whitelistedOperatorIds);
/// @notice Checks if the given address is a whitelisting contract (implements ISSVWhitelistingContract)
/// @param contractAddress The address to check
/// @return isWhitelistingContract A boolean indicating if the address is a whitelisting contract
function isWhitelistingContract(address contractAddress) external view returns (bool isWhitelistingContract);
/// @notice Checks if the given address is whitelisted in a specific whitelisting contract.
/// @notice It's up to the whitelisting contract implementation to use the operatorId parameter or not.
/// @param addressToCheck The address to check
/// @param operatorId The operator ID to check in combination with addressToCheck
/// @param whitelistingContract The whitelisting contract address
/// @return isWhitelisted A boolean indicating if the address is whitelisted in the given whitelisting contract for the given operator
function isAddressWhitelistedInWhitelistingContract(
address addressToCheck,
uint256 operatorId,
address whitelistingContract
) external view returns (bool isWhitelisted);
/// @notice Checks if the cluster can be liquidated
/// @param owner The owner address of the cluster
/// @param operatorIds The IDs of the operators in the cluster
/// @return isLiquidatable A boolean indicating if the cluster can be liquidated
function isLiquidatable(
address owner,
uint64[] calldata operatorIds,
Cluster memory cluster
) external view returns (bool isLiquidatable);
/// @notice Checks if the cluster is liquidated
/// @param owner The owner address of the cluster
/// @param operatorIds The IDs of the operators in the cluster
/// @return isLiquidated A boolean indicating if the cluster is liquidated
function isLiquidated(
address owner,
uint64[] memory operatorIds,
Cluster memory cluster
) external view returns (bool isLiquidated);
/// @notice Gets the burn rate of the cluster
/// @param owner The owner address of the cluster
/// @param operatorIds The IDs of the operators in the cluster
/// @return burnRate The burn rate of the cluster (SSV)
function getBurnRate(
address owner,
uint64[] memory operatorIds,
Cluster memory cluster
) external view returns (uint256 burnRate);
/// @notice Gets operator earnings
/// @param operatorId The ID of the operator
/// @return earnings The earnings associated with the operator (SSV)
function getOperatorEarnings(uint64 operatorId) external view returns (uint256 earnings);
/// @notice Gets the balance of the cluster
/// @param owner The owner address of the cluster
/// @param operatorIds The IDs of the operators in the cluster
/// @return balance The balance of the cluster (SSV)
function getBalance(
address owner,
uint64[] memory operatorIds,
Cluster memory cluster
) external view returns (uint256 balance);
/// @notice Gets the network fee
/// @return networkFee The fee associated with the network (SSV)
function getNetworkFee() external view returns (uint256 networkFee);
/// @notice Gets the network earnings
/// @return networkEarnings The earnings associated with the network (SSV)
function getNetworkEarnings() external view returns (uint256 networkEarnings);
/// @notice Gets the operator fee increase limit
/// @return The maximum limit of operator fee increase
function getOperatorFeeIncreaseLimit() external view returns (uint64);
/// @notice Gets the operator maximum fee for operators that use SSV token
/// @return The maximum fee value (SSV)
function getMaximumOperatorFee() external view returns (uint64);
/// @notice Gets the periods of operator fee declaration and execution
/// @return The period for declaring operator fee
/// @return The period for executing operator fee
function getOperatorFeePeriods() external view returns (uint64, uint64);
/// @notice Gets the liquidation threshold period
/// @return blocks The number of blocks for the liquidation threshold period
function getLiquidationThresholdPeriod() external view returns (uint64 blocks);
/// @notice Gets the minimum liquidation collateral
/// @return amount The minimum amount of collateral for liquidation (SSV)
function getMinimumLiquidationCollateral() external view returns (uint256 amount);
/// @notice Gets the maximum limit of validators per operator
/// @return validators The maximum number of validators per operator
function getValidatorsPerOperatorLimit() external view returns (uint32 validators);
/// @notice Gets the total number of validators in the network
/// @return validatorsCount The total number of validators in the network
function getNetworkValidatorsCount() external view returns (uint32 validatorsCount);
/// @notice Gets the version of the contract
/// @return The version of the contract
function getVersion() external view returns (string memory);
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity 0.8.24;
import "./SSVStorage.sol";
library CoreLib {
event ModuleUpgraded(SSVModules indexed moduleId, address moduleAddress);
function getVersion() internal pure returns (string memory) {
return "v1.2.0";
}
function transferBalance(address to, uint256 amount) internal {
if (!SSVStorage.load().token.transfer(to, amount)) {
revert ISSVNetworkCore.TokenTransferFailed();
}
}
function deposit(uint256 amount) internal {
if (!SSVStorage.load().token.transferFrom(msg.sender, address(this), amount)) {
revert ISSVNetworkCore.TokenTransferFailed();
}
}
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*/
function isContract(address account) internal view returns (bool) {
if (account == address(0)) {
return false;
}
// This method relies on extcodesize, which returns 0 for contracts in
// construction, since the code is only stored at the end of the
// constructor execution.
uint256 size;
// solhint-disable-next-line no-inline-assembly
assembly {
size := extcodesize(account)
}
return size > 0;
}
function setModuleContract(SSVModules moduleId, address moduleAddress) internal {
if (!isContract(moduleAddress)) revert ISSVNetworkCore.TargetModuleDoesNotExistWithData(uint8(moduleId));
SSVStorage.load().ssvContracts[moduleId] = moduleAddress;
emit ModuleUpgraded(moduleId, moduleAddress);
}
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity 0.8.24;
import "../interfaces/ISSVNetworkCore.sol";
import "@openzeppelin/contracts/utils/Counters.sol";
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
enum SSVModules {
SSV_OPERATORS,
SSV_CLUSTERS,
SSV_DAO,
SSV_VIEWS,
SSV_OPERATORS_WHITELIST
}
/// @title SSV Network Storage Data
/// @notice Represents all operational state required by the SSV Network
struct StorageData {
/// @notice Maps each validator's public key to its hashed representation of: operator Ids used by the validator and active / inactive flag (uses LSB)
mapping(bytes32 => bytes32) validatorPKs;
/// @notice Maps each cluster's bytes32 identifier to its hashed representation of ISSVNetworkCore.Cluster
mapping(bytes32 => bytes32) clusters;
/// @notice Maps each operator's public key to its corresponding ID
mapping(bytes32 => uint64) operatorsPKs;
/// @notice Maps each SSVModules' module to its corresponding contract address
mapping(SSVModules => address) ssvContracts;
/// @notice Operators' whitelist: Maps each operator's ID to a whitelisting contract
mapping(uint64 => address) operatorsWhitelist;
/// @notice Maps each operator's ID to its corresponding operator fee change request data
mapping(uint64 => ISSVNetworkCore.OperatorFeeChangeRequest) operatorFeeChangeRequests;
/// @notice Maps each operator's ID to its corresponding operator data
mapping(uint64 => ISSVNetworkCore.Operator) operators;
/// @notice The SSV token used within the network (fees, rewards)
IERC20 token;
/// @notice Counter keeping track of the last Operator ID issued
Counters.Counter lastOperatorId;
/// @notice Operators' whitelist: Maps each whitelisted address to a list of operators
/// @notice that are whitelisted for that address using bitmaps
/// @dev The nested mapping's key represents a uint256 slot to handle more than 256 operators per address
mapping(address => mapping(uint256 => uint256)) addressWhitelistedForOperators;
}
library SSVStorage {
uint256 private constant SSV_STORAGE_POSITION = uint256(keccak256("ssv.network.storage.main")) - 1;
function load() internal pure returns (StorageData storage sd) {
uint256 position = SSV_STORAGE_POSITION;
assembly {
sd.slot := position
}
}
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity 0.8.24;
/// @title SSV Network Storage Protocol
/// @notice Represents the operational settings and parameters required by the SSV Network
struct StorageProtocol {
/// @notice The block number when the network fee index was last updated
uint32 networkFeeIndexBlockNumber;
/// @notice The count of validators governed by the DAO
uint32 daoValidatorCount;
/// @notice The block number when the DAO index was last updated
uint32 daoIndexBlockNumber;
/// @notice The maximum limit of validators per operator
uint32 validatorsPerOperatorLimit;
/// @notice The current network fee value
uint64 networkFee;
/// @notice The current network fee index value
uint64 networkFeeIndex;
/// @notice The current balance of the DAO
uint64 daoBalance;
/// @notice The minimum number of blocks before a liquidation event can be triggered
uint64 minimumBlocksBeforeLiquidation;
/// @notice The minimum collateral required for liquidation
uint64 minimumLiquidationCollateral;
/// @notice The period in which an operator can declare a fee change
uint64 declareOperatorFeePeriod;
/// @notice The period in which an operator fee change can be executed
uint64 executeOperatorFeePeriod;
/// @notice The maximum increase in operator fee that is allowed (percentage)
uint64 operatorMaxFeeIncrease;
/// @notice The maximum value in operator fee that is allowed (SSV)
uint64 operatorMaxFee;
}
library SSVStorageProtocol {
uint256 private constant SSV_STORAGE_POSITION = uint256(keccak256("ssv.network.storage.protocol")) - 1;
function load() internal pure returns (StorageProtocol storage sd) {
uint256 position = SSV_STORAGE_POSITION;
assembly {
sd.slot := position
}
}
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity 0.8.24;
uint256 constant DEDUCTED_DIGITS = 10_000_000;
library Types64 {
function expand(uint64 value) internal pure returns (uint256) {
return value * DEDUCTED_DIGITS;
}
}
library Types256 {
function shrink(uint256 value) internal pure returns (uint64) {
require(value < (2 ** 64 * DEDUCTED_DIGITS), "Max value exceeded");
return uint64(shrinkable(value) / DEDUCTED_DIGITS);
}
function shrinkable(uint256 value) internal pure returns (uint256) {
require(value % DEDUCTED_DIGITS == 0, "Max precision exceeded");
return value;
}
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity 0.8.24;
import "./interfaces/ISSVNetwork.sol";
import "./interfaces/ISSVClusters.sol";
import "./interfaces/ISSVOperators.sol";
import "./interfaces/ISSVOperatorsWhitelist.sol";
import "./interfaces/ISSVDAO.sol";
import "./interfaces/ISSVViews.sol";
import "./interfaces/external/ISSVWhitelistingContract.sol";
import "./libraries/Types.sol";
import "./libraries/CoreLib.sol";
import "./libraries/SSVStorage.sol";
import "./libraries/SSVStorageProtocol.sol";
import "./SSVProxy.sol";
import {SSVModules} from "./libraries/SSVStorage.sol";
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/access/Ownable2StepUpgradeable.sol";
contract SSVNetwork is
UUPSUpgradeable,
Ownable2StepUpgradeable,
ISSVNetwork,
ISSVOperators,
ISSVOperatorsWhitelist,
ISSVClusters,
ISSVDAO,
SSVProxy
{
using Types256 for uint256;
/****************/
/* Initializers */
/****************/
function initialize(
IERC20 token_,
ISSVOperators ssvOperators_,
ISSVClusters ssvClusters_,
ISSVDAO ssvDAO_,
ISSVViews ssvViews_,
uint64 minimumBlocksBeforeLiquidation_,
uint256 minimumLiquidationCollateral_,
uint32 validatorsPerOperatorLimit_,
uint64 declareOperatorFeePeriod_,
uint64 executeOperatorFeePeriod_,
uint64 operatorMaxFeeIncrease_
) external override initializer onlyProxy {
__UUPSUpgradeable_init();
__Ownable_init_unchained();
__SSVNetwork_init_unchained(
token_,
ssvOperators_,
ssvClusters_,
ssvDAO_,
ssvViews_,
minimumBlocksBeforeLiquidation_,
minimumLiquidationCollateral_,
validatorsPerOperatorLimit_,
declareOperatorFeePeriod_,
executeOperatorFeePeriod_,
operatorMaxFeeIncrease_
);
}
function __SSVNetwork_init_unchained(
IERC20 token_,
ISSVOperators ssvOperators_,
ISSVClusters ssvClusters_,
ISSVDAO ssvDAO_,
ISSVViews ssvViews_,
uint64 minimumBlocksBeforeLiquidation_,
uint256 minimumLiquidationCollateral_,
uint32 validatorsPerOperatorLimit_,
uint64 declareOperatorFeePeriod_,
uint64 executeOperatorFeePeriod_,
uint64 operatorMaxFeeIncrease_
) internal onlyInitializing {
StorageData storage s = SSVStorage.load();
StorageProtocol storage sp = SSVStorageProtocol.load();
s.token = token_;
s.ssvContracts[SSVModules.SSV_OPERATORS] = address(ssvOperators_);
s.ssvContracts[SSVModules.SSV_CLUSTERS] = address(ssvClusters_);
s.ssvContracts[SSVModules.SSV_DAO] = address(ssvDAO_);
s.ssvContracts[SSVModules.SSV_VIEWS] = address(ssvViews_);
sp.minimumBlocksBeforeLiquidation = minimumBlocksBeforeLiquidation_;
sp.minimumLiquidationCollateral = minimumLiquidationCollateral_.shrink();
sp.validatorsPerOperatorLimit = validatorsPerOperatorLimit_;
sp.declareOperatorFeePeriod = declareOperatorFeePeriod_;
sp.executeOperatorFeePeriod = executeOperatorFeePeriod_;
sp.operatorMaxFeeIncrease = operatorMaxFeeIncrease_;
}
/// @custom:oz-upgrades-unsafe-allow constructor
constructor() {
_disableInitializers();
}
/*****************/
/* UUPS required */
/*****************/
function _authorizeUpgrade(address) internal override onlyOwner {}
/*********************/
/* Fallback function */
/*********************/
fallback() external {
// Delegates the call to the address of the SSV Views module
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_VIEWS]);
}
/*******************************/
/* Operator External Functions */
/*******************************/
function registerOperator(
bytes calldata publicKey,
uint256 fee,
bool setPrivate
) external override returns (uint64 id) {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_OPERATORS]);
}
function removeOperator(uint64 operatorId) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_OPERATORS]);
}
function setOperatorsWhitelists(
uint64[] calldata operatorIds,
address[] calldata whitelistAddresses
) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_OPERATORS_WHITELIST]);
}
function removeOperatorsWhitelists(
uint64[] calldata operatorIds,
address[] calldata whitelistAddresses
) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_OPERATORS_WHITELIST]);
}
function setOperatorsWhitelistingContract(
uint64[] calldata operatorIds,
ISSVWhitelistingContract whitelistingContract
) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_OPERATORS_WHITELIST]);
}
function setOperatorsPrivateUnchecked(uint64[] calldata operatorIds) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_OPERATORS]);
}
function setOperatorsPublicUnchecked(uint64[] calldata operatorIds) external {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_OPERATORS]);
}
function removeOperatorsWhitelistingContract(uint64[] calldata operatorIds) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_OPERATORS_WHITELIST]);
}
function declareOperatorFee(uint64 operatorId, uint256 fee) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_OPERATORS]);
}
function executeOperatorFee(uint64 operatorId) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_OPERATORS]);
}
function cancelDeclaredOperatorFee(uint64 operatorId) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_OPERATORS]);
}
function reduceOperatorFee(uint64 operatorId, uint256 fee) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_OPERATORS]);
}
function withdrawOperatorEarnings(uint64 operatorId, uint256 amount) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_OPERATORS]);
}
function withdrawAllOperatorEarnings(uint64 operatorId) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_OPERATORS]);
}
/*******************************/
/* Address External Functions */
/*******************************/
function setFeeRecipientAddress(address recipientAddress) external override {
emit FeeRecipientAddressUpdated(msg.sender, recipientAddress);
}
/*******************************/
/* Validator External Functions */
/*******************************/
function registerValidator(
bytes calldata publicKey,
uint64[] calldata operatorIds,
bytes calldata sharesData,
uint256 amount,
ISSVNetworkCore.Cluster memory cluster
) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_CLUSTERS]);
}
function bulkRegisterValidator(
bytes[] calldata publicKeys,
uint64[] calldata operatorIds,
bytes[] calldata sharesData,
uint256 amount,
ISSVNetworkCore.Cluster memory cluster
) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_CLUSTERS]);
}
function removeValidator(
bytes calldata publicKey,
uint64[] calldata operatorIds,
ISSVNetworkCore.Cluster memory cluster
) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_CLUSTERS]);
}
function bulkRemoveValidator(
bytes[] calldata publicKeys,
uint64[] calldata operatorIds,
Cluster memory cluster
) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_CLUSTERS]);
}
function liquidate(
address clusterOwner,
uint64[] calldata operatorIds,
ISSVNetworkCore.Cluster memory cluster
) external {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_CLUSTERS]);
}
function reactivate(
uint64[] calldata operatorIds,
uint256 amount,
ISSVNetworkCore.Cluster memory cluster
) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_CLUSTERS]);
}
function deposit(
address clusterOwner,
uint64[] calldata operatorIds,
uint256 amount,
ISSVNetworkCore.Cluster memory cluster
) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_CLUSTERS]);
}
function withdraw(
uint64[] calldata operatorIds,
uint256 amount,
ISSVNetworkCore.Cluster memory cluster
) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_CLUSTERS]);
}
function exitValidator(bytes calldata publicKey, uint64[] calldata operatorIds) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_CLUSTERS]);
}
function bulkExitValidator(bytes[] calldata publicKeys, uint64[] calldata operatorIds) external override {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_CLUSTERS]);
}
function updateNetworkFee(uint256 fee) external override onlyOwner {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_DAO]);
}
function withdrawNetworkEarnings(uint256 amount) external override onlyOwner {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_DAO]);
}
function updateOperatorFeeIncreaseLimit(uint64 percentage) external override onlyOwner {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_DAO]);
}
function updateDeclareOperatorFeePeriod(uint64 timeInSeconds) external override onlyOwner {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_DAO]);
}
function updateExecuteOperatorFeePeriod(uint64 timeInSeconds) external override onlyOwner {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_DAO]);
}
function updateLiquidationThresholdPeriod(uint64 blocks) external override onlyOwner {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_DAO]);
}
function updateMinimumLiquidationCollateral(uint256 amount) external override onlyOwner {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_DAO]);
}
function updateMaximumOperatorFee(uint64 maxFee) external override onlyOwner {
_delegate(SSVStorage.load().ssvContracts[SSVModules.SSV_DAO]);
}
function getVersion() external pure override returns (string memory version) {
return CoreLib.getVersion();
}
/*******************************/
/* Upgrade Modules Function */
/*******************************/
function updateModule(SSVModules moduleId, address moduleAddress) external onlyOwner {
CoreLib.setModuleContract(moduleId, moduleAddress);
}
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity 0.8.24;
import {SSVModules, SSVStorage, StorageData} from "./libraries/SSVStorage.sol";
abstract contract SSVProxy {
function _delegate(address implementation) internal {
assembly {
// Copy msg.data. We take full control of memory in this inline assembly
// block because it will not return to Solidity code. We overwrite the
// Solidity scratch pad at memory position 0.
calldatacopy(0, 0, calldatasize())
// Call the implementation.
// out and outsize are 0 because we don't know the size yet.
let result := delegatecall(gas(), implementation, 0, calldatasize(), 0, 0)
// Copy the returned data.
returndatacopy(0, 0, returndatasize())
switch result
// delegatecall returns 0 on error.
case 0 {
revert(0, returndatasize())
}
default {
return(0, returndatasize())
}
}
}
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity 0.8.24;
import "../../SSVNetwork.sol";
contract SSVNetworkUpgradeValidatorsPerOperator is SSVNetwork {
function initializev2(uint32 validatorsPerOperatorLimit_) external onlyOwner {
SSVStorageProtocol.load().validatorsPerOperatorLimit = validatorsPerOperatorLimit_;
}
}
File 3 of 3: SSVOperators
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 amount) external returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Counters.sol)
pragma solidity ^0.8.0;
/**
* @title Counters
* @author Matt Condon (@shrugs)
* @dev Provides counters that can only be incremented, decremented or reset. This can be used e.g. to track the number
* of elements in a mapping, issuing ERC721 ids, or counting request ids.
*
* Include with `using Counters for Counters.Counter;`
*/
library Counters {
struct Counter {
// This variable should never be directly accessed by users of the library: interactions must be restricted to
// the library's function. As of Solidity v0.5.2, this cannot be enforced, though there is a proposal to add
// this feature: see https://github.com/ethereum/solidity/issues/4637
uint256 _value; // default: 0
}
function current(Counter storage counter) internal view returns (uint256) {
return counter._value;
}
function increment(Counter storage counter) internal {
unchecked {
counter._value += 1;
}
}
function decrement(Counter storage counter) internal {
uint256 value = counter._value;
require(value > 0, "Counter: decrement overflow");
unchecked {
counter._value = value - 1;
}
}
function reset(Counter storage counter) internal {
counter._value = 0;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/introspection/ERC165Checker.sol)
pragma solidity ^0.8.0;
import "./IERC165.sol";
/**
* @dev Library used to query support of an interface declared via {IERC165}.
*
* Note that these functions return the actual result of the query: they do not
* `revert` if an interface is not supported. It is up to the caller to decide
* what to do in these cases.
*/
library ERC165Checker {
// As per the EIP-165 spec, no interface should ever match 0xffffffff
bytes4 private constant _INTERFACE_ID_INVALID = 0xffffffff;
/**
* @dev Returns true if `account` supports the {IERC165} interface.
*/
function supportsERC165(address account) internal view returns (bool) {
// Any contract that implements ERC165 must explicitly indicate support of
// InterfaceId_ERC165 and explicitly indicate non-support of InterfaceId_Invalid
return
supportsERC165InterfaceUnchecked(account, type(IERC165).interfaceId) &&
!supportsERC165InterfaceUnchecked(account, _INTERFACE_ID_INVALID);
}
/**
* @dev Returns true if `account` supports the interface defined by
* `interfaceId`. Support for {IERC165} itself is queried automatically.
*
* See {IERC165-supportsInterface}.
*/
function supportsInterface(address account, bytes4 interfaceId) internal view returns (bool) {
// query support of both ERC165 as per the spec and support of _interfaceId
return supportsERC165(account) && supportsERC165InterfaceUnchecked(account, interfaceId);
}
/**
* @dev Returns a boolean array where each value corresponds to the
* interfaces passed in and whether they're supported or not. This allows
* you to batch check interfaces for a contract where your expectation
* is that some interfaces may not be supported.
*
* See {IERC165-supportsInterface}.
*
* _Available since v3.4._
*/
function getSupportedInterfaces(
address account,
bytes4[] memory interfaceIds
) internal view returns (bool[] memory) {
// an array of booleans corresponding to interfaceIds and whether they're supported or not
bool[] memory interfaceIdsSupported = new bool[](interfaceIds.length);
// query support of ERC165 itself
if (supportsERC165(account)) {
// query support of each interface in interfaceIds
for (uint256 i = 0; i < interfaceIds.length; i++) {
interfaceIdsSupported[i] = supportsERC165InterfaceUnchecked(account, interfaceIds[i]);
}
}
return interfaceIdsSupported;
}
/**
* @dev Returns true if `account` supports all the interfaces defined in
* `interfaceIds`. Support for {IERC165} itself is queried automatically.
*
* Batch-querying can lead to gas savings by skipping repeated checks for
* {IERC165} support.
*
* See {IERC165-supportsInterface}.
*/
function supportsAllInterfaces(address account, bytes4[] memory interfaceIds) internal view returns (bool) {
// query support of ERC165 itself
if (!supportsERC165(account)) {
return false;
}
// query support of each interface in interfaceIds
for (uint256 i = 0; i < interfaceIds.length; i++) {
if (!supportsERC165InterfaceUnchecked(account, interfaceIds[i])) {
return false;
}
}
// all interfaces supported
return true;
}
/**
* @notice Query if a contract implements an interface, does not check ERC165 support
* @param account The address of the contract to query for support of an interface
* @param interfaceId The interface identifier, as specified in ERC-165
* @return true if the contract at account indicates support of the interface with
* identifier interfaceId, false otherwise
* @dev Assumes that account contains a contract that supports ERC165, otherwise
* the behavior of this method is undefined. This precondition can be checked
* with {supportsERC165}.
*
* Some precompiled contracts will falsely indicate support for a given interface, so caution
* should be exercised when using this function.
*
* Interface identification is specified in ERC-165.
*/
function supportsERC165InterfaceUnchecked(address account, bytes4 interfaceId) internal view returns (bool) {
// prepare call
bytes memory encodedParams = abi.encodeWithSelector(IERC165.supportsInterface.selector, interfaceId);
// perform static call
bool success;
uint256 returnSize;
uint256 returnValue;
assembly {
success := staticcall(30000, account, add(encodedParams, 0x20), mload(encodedParams), 0x00, 0x20)
returnSize := returndatasize()
returnValue := mload(0x00)
}
return success && returnSize >= 0x20 && returnValue > 0;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/introspection/IERC165.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[EIP].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity ^0.8.20;
interface ISSVWhitelistingContract {
/// @notice Checks if the caller is whitelisted
/// @param account The account that is being checked for whitelisting
/// @param operatorId The SSV Operator Id which is being checked
function isWhitelisted(address account, uint256 operatorId) external view returns (bool);
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity ^0.8.20;
interface ISSVNetworkCore {
/***********/
/* Structs */
/***********/
/// @notice Represents a snapshot of an operator's or a DAO's state at a certain block
struct Snapshot {
/// @dev The block number when the snapshot was taken
uint32 block;
/// @dev The last index calculated by the formula index += (currentBlock - block) * fee
uint64 index;
/// @dev Total accumulated earnings calculated by the formula accumulated + lastIndex * validatorCount
uint64 balance;
}
/// @notice Represents an SSV operator
struct Operator {
/// @dev The number of validators associated with this operator
uint32 validatorCount;
/// @dev The fee charged by the operator, set to zero for private operators and cannot be increased once set
uint64 fee;
/// @dev The address of the operator's owner
address owner;
/// @dev private flag for this operator
bool whitelisted;
/// @dev The state snapshot of the operator
Snapshot snapshot;
}
/// @notice Represents a request to change an operator's fee
struct OperatorFeeChangeRequest {
/// @dev The new fee proposed by the operator
uint64 fee;
/// @dev The time when the approval period for the fee change begins
uint64 approvalBeginTime;
/// @dev The time when the approval period for the fee change ends
uint64 approvalEndTime;
}
/// @notice Represents a cluster of validators
struct Cluster {
/// @dev The number of validators in the cluster
uint32 validatorCount;
/// @dev The index of network fees related to this cluster
uint64 networkFeeIndex;
/// @dev The last index calculated for the cluster
uint64 index;
/// @dev Flag indicating whether the cluster is active
bool active;
/// @dev The balance of the cluster
uint256 balance;
}
/**********/
/* Errors */
/**********/
error CallerNotOwnerWithData(address caller, address owner); // 0x163678e9
error CallerNotWhitelistedWithData(uint64 operatorId); // 0xb7f529fe
error FeeTooLow(); // 0x732f9413
error FeeExceedsIncreaseLimit(); // 0x958065d9
error NoFeeDeclared(); // 0x1d226c30
error ApprovalNotWithinTimeframe(); // 0x97e4b518
error OperatorDoesNotExist(); // 0x961e3e8c
error InsufficientBalance(); // 0xf4d678b8
error ValidatorDoesNotExist(); // 0xe51315d2
error ClusterNotLiquidatable(); // 0x60300a8d
error InvalidPublicKeyLength(); // 0x637297a4
error InvalidOperatorIdsLength(); // 0x38186224
error ClusterAlreadyEnabled(); // 0x3babafd2
error ClusterIsLiquidated(); // 0x95a0cf33
error ClusterDoesNotExists(); // 0x185e2b16
error IncorrectClusterState(); // 0x12e04c87
error UnsortedOperatorsList(); // 0xdd020e25
error NewBlockPeriodIsBelowMinimum(); // 0x6e6c9cac
error ExceedValidatorLimitWithData(uint64 operatorId); // 0x8ddf7de4
error TokenTransferFailed(); // 0x045c4b02
error SameFeeChangeNotAllowed(); // 0xc81272f8
error FeeIncreaseNotAllowed(); // 0x410a2b6c
error NotAuthorized(); // 0xea8e4eb5
error OperatorsListNotUnique(); // 0xa5a1ff5d
error OperatorAlreadyExists(); // 0x289c9494
error TargetModuleDoesNotExistWithData(uint8 moduleId); // 0x208bb85d
error MaxValueExceeded(); // 0x91aa3017
error FeeTooHigh(); // 0xcd4e6167
error PublicKeysSharesLengthMismatch(); // 0x9ad467b8
error IncorrectValidatorStateWithData(bytes publicKey); // 0x89307938
error ValidatorAlreadyExistsWithData(bytes publicKey); // 0x388e7999
error EmptyPublicKeysList(); // df83e679
error InvalidContractAddress(); // 0xa710429d
error AddressIsWhitelistingContract(address contractAddress); // 0x71cadba7
error InvalidWhitelistingContract(address contractAddress); // 0x886e6a03
error InvalidWhitelistAddressesLength(); // 0xcbb362dc
error ZeroAddressNotAllowed(); // 0x8579befe
// legacy errors
error ValidatorAlreadyExists(); // 0x8d09a73e
error IncorrectValidatorState(); // 0x2feda3c1
error ExceedValidatorLimit(uint64 operatorId); // 0x6df5ab76
error CallerNotOwner(); // 0x5cd83192
error TargetModuleDoesNotExist(); // 0x8f9195fb
error CallerNotWhitelisted(); // 0x8c6e5d71
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity ^0.8.20;
import {ISSVNetworkCore} from "./ISSVNetworkCore.sol";
interface ISSVOperators is ISSVNetworkCore {
/// @notice Registers a new operator
/// @param publicKey The public key of the operator
/// @param fee The operator's fee (SSV)
/// @param setPrivate Flag indicating whether the operator should be set as private or not
function registerOperator(bytes calldata publicKey, uint256 fee, bool setPrivate) external returns (uint64);
/// @notice Removes an existing operator
/// @param operatorId The ID of the operator to be removed
function removeOperator(uint64 operatorId) external;
/// @notice Declares the operator's fee
/// @param operatorId The ID of the operator
/// @param fee The fee to be declared (SSV)
function declareOperatorFee(uint64 operatorId, uint256 fee) external;
/// @notice Executes the operator's fee
/// @param operatorId The ID of the operator
function executeOperatorFee(uint64 operatorId) external;
/// @notice Cancels the declared operator's fee
/// @param operatorId The ID of the operator
function cancelDeclaredOperatorFee(uint64 operatorId) external;
/// @notice Reduces the operator's fee
/// @param operatorId The ID of the operator
/// @param fee The new Operator's fee (SSV)
function reduceOperatorFee(uint64 operatorId, uint256 fee) external;
/// @notice Withdraws operator earnings
/// @param operatorId The ID of the operator
/// @param tokenAmount The amount of tokens to withdraw (SSV)
function withdrawOperatorEarnings(uint64 operatorId, uint256 tokenAmount) external;
/// @notice Withdraws all operator earnings
/// @param operatorId The ID of the operator
function withdrawAllOperatorEarnings(uint64 operatorId) external;
/// @notice Set the list of operators as private without checking for any whitelisting address
/// @notice The operators are considered private when registering validators
/// @param operatorIds The operator IDs to set as private
function setOperatorsPrivateUnchecked(uint64[] calldata operatorIds) external;
/// @notice Set the list of operators as public without removing any whitelisting address
/// @notice The operators still keep its adresses whitelisted (external contract or EOAs/generic contracts)
/// @notice The operators are considered public when registering validators
/// @param operatorIds The operator IDs to set as public
function setOperatorsPublicUnchecked(uint64[] calldata operatorIds) external;
/**
* @dev Emitted when a new operator has been added.
* @param operatorId operator's ID.
* @param owner Operator's ethereum address that can collect fees.
* @param publicKey Operator's public key. Will be used to encrypt secret shares of validators keys.
* @param fee Operator's fee.
*/
event OperatorAdded(uint64 indexed operatorId, address indexed owner, bytes publicKey, uint256 fee);
/**
* @dev Emitted when operator has been removed.
* @param operatorId operator's ID.
*/
event OperatorRemoved(uint64 indexed operatorId);
event OperatorFeeDeclared(address indexed owner, uint64 indexed operatorId, uint256 blockNumber, uint256 fee);
event OperatorFeeDeclarationCancelled(address indexed owner, uint64 indexed operatorId);
/**
* @dev Emitted when an operator's fee is updated.
* @param owner Operator's owner.
* @param blockNumber from which block number.
* @param fee updated fee value.
*/
event OperatorFeeExecuted(address indexed owner, uint64 indexed operatorId, uint256 blockNumber, uint256 fee);
event OperatorWithdrawn(address indexed owner, uint64 indexed operatorId, uint256 value);
event FeeRecipientAddressUpdated(address indexed owner, address recipientAddress);
/**
* @dev Emitted when the operators changed its privacy status
* @param operatorIds operators' IDs.
* @param toPrivate Flag that indicates if the operators are being set to private (true) or public (false).
*/
event OperatorPrivacyStatusUpdated(uint64[] operatorIds, bool toPrivate);
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity 0.8.24;
import "./SSVStorage.sol";
library CoreLib {
event ModuleUpgraded(SSVModules indexed moduleId, address moduleAddress);
function getVersion() internal pure returns (string memory) {
return "v1.2.0";
}
function transferBalance(address to, uint256 amount) internal {
if (!SSVStorage.load().token.transfer(to, amount)) {
revert ISSVNetworkCore.TokenTransferFailed();
}
}
function deposit(uint256 amount) internal {
if (!SSVStorage.load().token.transferFrom(msg.sender, address(this), amount)) {
revert ISSVNetworkCore.TokenTransferFailed();
}
}
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*/
function isContract(address account) internal view returns (bool) {
if (account == address(0)) {
return false;
}
// This method relies on extcodesize, which returns 0 for contracts in
// construction, since the code is only stored at the end of the
// constructor execution.
uint256 size;
// solhint-disable-next-line no-inline-assembly
assembly {
size := extcodesize(account)
}
return size > 0;
}
function setModuleContract(SSVModules moduleId, address moduleAddress) internal {
if (!isContract(moduleAddress)) revert ISSVNetworkCore.TargetModuleDoesNotExistWithData(uint8(moduleId));
SSVStorage.load().ssvContracts[moduleId] = moduleAddress;
emit ModuleUpgraded(moduleId, moduleAddress);
}
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity 0.8.24;
import "../interfaces/ISSVNetworkCore.sol";
import {ISSVWhitelistingContract} from "../interfaces/external/ISSVWhitelistingContract.sol";
import {StorageData} from "./SSVStorage.sol";
import {StorageProtocol} from "./SSVStorageProtocol.sol";
import {Types64} from "./Types.sol";
import "@openzeppelin/contracts/utils/introspection/ERC165Checker.sol";
library OperatorLib {
using Types64 for uint64;
function updateSnapshot(ISSVNetworkCore.Operator memory operator) internal view {
uint64 blockDiffFee = (uint32(block.number) - operator.snapshot.block) * operator.fee;
operator.snapshot.index += blockDiffFee;
operator.snapshot.balance += blockDiffFee * operator.validatorCount;
operator.snapshot.block = uint32(block.number);
}
function updateSnapshotSt(ISSVNetworkCore.Operator storage operator) internal {
uint64 blockDiffFee = (uint32(block.number) - operator.snapshot.block) * operator.fee;
operator.snapshot.index += blockDiffFee;
operator.snapshot.balance += blockDiffFee * operator.validatorCount;
operator.snapshot.block = uint32(block.number);
}
function checkOwner(ISSVNetworkCore.Operator memory operator) internal view {
if (operator.snapshot.block == 0) revert ISSVNetworkCore.OperatorDoesNotExist();
if (operator.owner != msg.sender) revert ISSVNetworkCore.CallerNotOwnerWithData(msg.sender, operator.owner);
}
function updateClusterOperatorsOnRegistration(
uint64[] memory operatorIds,
uint32 deltaValidatorCount,
StorageData storage s,
StorageProtocol storage sp
) internal returns (uint64 cumulativeIndex, uint64 cumulativeFee) {
uint256 operatorsLength = operatorIds.length;
uint256 blockIndex;
uint256 lastBlockIndex = ~uint256(0); // Use an invalid block index as the initial value
uint256 currentWhitelistedMask;
for (uint256 i; i < operatorsLength; ++i) {
uint64 operatorId = operatorIds[i];
if (i + 1 < operatorsLength) {
if (operatorId > operatorIds[i + 1]) {
revert ISSVNetworkCore.UnsortedOperatorsList();
} else if (operatorId == operatorIds[i + 1]) {
revert ISSVNetworkCore.OperatorsListNotUnique();
}
}
ISSVNetworkCore.Operator memory operator = s.operators[operatorId];
if (operator.snapshot.block == 0) {
revert ISSVNetworkCore.OperatorDoesNotExist();
}
// check if the pending operator is whitelisted (must be backward compatible)
if (operator.whitelisted) {
// Handle bitmap-based whitelisting
blockIndex = operatorId >> 8;
if (blockIndex != lastBlockIndex) {
currentWhitelistedMask = s.addressWhitelistedForOperators[msg.sender][blockIndex];
lastBlockIndex = blockIndex;
}
// if msg.sender is not whitelisted via bitmap, check for legacy whitelist/whitelisting contract
if (currentWhitelistedMask & (1 << (operatorId & 0xFF)) == 0) {
address whitelistedAddress = s.operatorsWhitelist[operatorId];
if (whitelistedAddress == address(0)) {
// msg.sender is not whitelisted via bitmap or legacy whitelist/whitelisting contract
revert ISSVNetworkCore.CallerNotWhitelistedWithData(operatorId);
}
// Legacy address & whitelisting contract check
if (whitelistedAddress != msg.sender) {
// Check if whitelistedAddress is a valid whitelisting contract and if msg.sender is whitelisted by it
// For non-whitelisting contracts, check if msg.sender is whitelisted (EOAs or generic contracts)
if (
!OperatorLib.isWhitelistingContract(whitelistedAddress) ||
!ISSVWhitelistingContract(whitelistedAddress).isWhitelisted(msg.sender, operatorId)
) {
revert ISSVNetworkCore.CallerNotWhitelistedWithData(operatorId);
}
}
}
}
updateSnapshot(operator);
if ((operator.validatorCount += deltaValidatorCount) > sp.validatorsPerOperatorLimit) {
revert ISSVNetworkCore.ExceedValidatorLimitWithData(operatorId);
}
cumulativeFee += operator.fee;
cumulativeIndex += operator.snapshot.index;
s.operators[operatorId] = operator;
}
}
function updateClusterOperators(
uint64[] memory operatorIds,
bool increaseValidatorCount,
uint32 deltaValidatorCount,
StorageData storage s,
StorageProtocol storage sp
) internal returns (uint64 cumulativeIndex, uint64 cumulativeFee) {
uint256 operatorsLength = operatorIds.length;
for (uint256 i; i < operatorsLength; ++i) {
uint64 operatorId = operatorIds[i];
ISSVNetworkCore.Operator storage operator = s.operators[operatorId];
if (operator.snapshot.block != 0) {
updateSnapshotSt(operator);
if (!increaseValidatorCount) {
operator.validatorCount -= deltaValidatorCount;
} else if ((operator.validatorCount += deltaValidatorCount) > sp.validatorsPerOperatorLimit) {
revert ISSVNetworkCore.ExceedValidatorLimitWithData(operatorId);
}
cumulativeFee += operator.fee;
}
cumulativeIndex += operator.snapshot.index;
}
}
function updateMultipleWhitelists(
address[] calldata whitelistAddresses,
uint64[] calldata operatorIds,
bool registerAddresses,
StorageData storage s
) internal {
uint256 addressesLength = whitelistAddresses.length;
if (addressesLength == 0) revert ISSVNetworkCore.InvalidWhitelistAddressesLength();
checkOperatorsLength(operatorIds);
// create the max number of masks that will be updated
(uint256[] memory masks, uint256 startBlockIndex) = generateBlockMasks(operatorIds, true, s);
uint256 endBlockIndex = startBlockIndex + masks.length;
for (uint256 i; i < addressesLength; ++i) {
address whitelistAddress = whitelistAddresses[i];
checkZeroAddress(whitelistAddress);
// If whitelistAddress is a custom contract, reverts only when registering addresses
if (registerAddresses && isWhitelistingContract(whitelistAddress))
revert ISSVNetworkCore.AddressIsWhitelistingContract(whitelistAddress);
for (uint256 blockIndex = startBlockIndex; blockIndex < endBlockIndex; ++blockIndex) {
// only update storage for updated masks
uint256 mask = masks[blockIndex - startBlockIndex];
if (mask != 0) {
if (registerAddresses) {
s.addressWhitelistedForOperators[whitelistAddress][blockIndex] |= mask;
} else {
s.addressWhitelistedForOperators[whitelistAddress][blockIndex] &= ~mask;
}
}
}
}
}
function generateBlockMasks(
uint64[] calldata operatorIds,
bool checkOperatorsOwnership,
StorageData storage s
) internal view returns (uint256[] memory masks, uint256 startBlockIndex) {
uint256 operatorsLength = operatorIds.length;
startBlockIndex = operatorIds[0] >> 8;
// Create the masks array from startBlockIndex to the last block index
masks = new uint256[]((operatorIds[operatorsLength - 1] >> 8) - startBlockIndex + 1);
uint64 currentOperatorId;
uint64 prevOperatorId;
for (uint256 i; i < operatorsLength; ++i) {
currentOperatorId = operatorIds[i];
if (checkOperatorsOwnership) {
checkOwner(s.operators[currentOperatorId]);
}
if (i > 0 && currentOperatorId <= prevOperatorId) {
if (currentOperatorId == prevOperatorId) {
revert ISSVNetworkCore.OperatorsListNotUnique();
}
revert ISSVNetworkCore.UnsortedOperatorsList();
}
(uint256 blockIndex, uint256 bitPosition) = getBitmapIndexes(currentOperatorId);
masks[blockIndex - startBlockIndex] |= (1 << bitPosition);
prevOperatorId = currentOperatorId;
}
}
function updatePrivacyStatus(uint64[] calldata operatorIds, bool setPrivate, StorageData storage s) internal {
uint256 operatorsLength = checkOperatorsLength(operatorIds);
ISSVNetworkCore.Operator storage operator;
for (uint256 i; i < operatorsLength; ++i) {
uint64 operatorId = operatorIds[i];
operator = s.operators[operatorId];
checkOwner(operator);
operator.whitelisted = setPrivate;
}
}
function getBitmapIndexes(uint64 operatorId) internal pure returns (uint256 blockIndex, uint256 bitPosition) {
blockIndex = operatorId >> 8; // Equivalent to operatorId / 256
bitPosition = operatorId & 0xFF; // Equivalent to operatorId % 256
}
function checkZeroAddress(address whitelistAddress) internal pure {
if (whitelistAddress == address(0)) revert ISSVNetworkCore.ZeroAddressNotAllowed();
}
function checkOperatorsLength(uint64[] calldata operatorIds) internal pure returns (uint256 operatorsLength) {
operatorsLength = operatorIds.length;
if (operatorsLength == 0) revert ISSVNetworkCore.InvalidOperatorIdsLength();
}
function isWhitelistingContract(address whitelistingContract) internal view returns (bool) {
return ERC165Checker.supportsInterface(whitelistingContract, type(ISSVWhitelistingContract).interfaceId);
}
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity 0.8.24;
import "../interfaces/ISSVNetworkCore.sol";
import "@openzeppelin/contracts/utils/Counters.sol";
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
enum SSVModules {
SSV_OPERATORS,
SSV_CLUSTERS,
SSV_DAO,
SSV_VIEWS,
SSV_OPERATORS_WHITELIST
}
/// @title SSV Network Storage Data
/// @notice Represents all operational state required by the SSV Network
struct StorageData {
/// @notice Maps each validator's public key to its hashed representation of: operator Ids used by the validator and active / inactive flag (uses LSB)
mapping(bytes32 => bytes32) validatorPKs;
/// @notice Maps each cluster's bytes32 identifier to its hashed representation of ISSVNetworkCore.Cluster
mapping(bytes32 => bytes32) clusters;
/// @notice Maps each operator's public key to its corresponding ID
mapping(bytes32 => uint64) operatorsPKs;
/// @notice Maps each SSVModules' module to its corresponding contract address
mapping(SSVModules => address) ssvContracts;
/// @notice Operators' whitelist: Maps each operator's ID to a whitelisting contract
mapping(uint64 => address) operatorsWhitelist;
/// @notice Maps each operator's ID to its corresponding operator fee change request data
mapping(uint64 => ISSVNetworkCore.OperatorFeeChangeRequest) operatorFeeChangeRequests;
/// @notice Maps each operator's ID to its corresponding operator data
mapping(uint64 => ISSVNetworkCore.Operator) operators;
/// @notice The SSV token used within the network (fees, rewards)
IERC20 token;
/// @notice Counter keeping track of the last Operator ID issued
Counters.Counter lastOperatorId;
/// @notice Operators' whitelist: Maps each whitelisted address to a list of operators
/// @notice that are whitelisted for that address using bitmaps
/// @dev The nested mapping's key represents a uint256 slot to handle more than 256 operators per address
mapping(address => mapping(uint256 => uint256)) addressWhitelistedForOperators;
}
library SSVStorage {
uint256 private constant SSV_STORAGE_POSITION = uint256(keccak256("ssv.network.storage.main")) - 1;
function load() internal pure returns (StorageData storage sd) {
uint256 position = SSV_STORAGE_POSITION;
assembly {
sd.slot := position
}
}
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity 0.8.24;
/// @title SSV Network Storage Protocol
/// @notice Represents the operational settings and parameters required by the SSV Network
struct StorageProtocol {
/// @notice The block number when the network fee index was last updated
uint32 networkFeeIndexBlockNumber;
/// @notice The count of validators governed by the DAO
uint32 daoValidatorCount;
/// @notice The block number when the DAO index was last updated
uint32 daoIndexBlockNumber;
/// @notice The maximum limit of validators per operator
uint32 validatorsPerOperatorLimit;
/// @notice The current network fee value
uint64 networkFee;
/// @notice The current network fee index value
uint64 networkFeeIndex;
/// @notice The current balance of the DAO
uint64 daoBalance;
/// @notice The minimum number of blocks before a liquidation event can be triggered
uint64 minimumBlocksBeforeLiquidation;
/// @notice The minimum collateral required for liquidation
uint64 minimumLiquidationCollateral;
/// @notice The period in which an operator can declare a fee change
uint64 declareOperatorFeePeriod;
/// @notice The period in which an operator fee change can be executed
uint64 executeOperatorFeePeriod;
/// @notice The maximum increase in operator fee that is allowed (percentage)
uint64 operatorMaxFeeIncrease;
/// @notice The maximum value in operator fee that is allowed (SSV)
uint64 operatorMaxFee;
}
library SSVStorageProtocol {
uint256 private constant SSV_STORAGE_POSITION = uint256(keccak256("ssv.network.storage.protocol")) - 1;
function load() internal pure returns (StorageProtocol storage sd) {
uint256 position = SSV_STORAGE_POSITION;
assembly {
sd.slot := position
}
}
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity 0.8.24;
uint256 constant DEDUCTED_DIGITS = 10_000_000;
library Types64 {
function expand(uint64 value) internal pure returns (uint256) {
return value * DEDUCTED_DIGITS;
}
}
library Types256 {
function shrink(uint256 value) internal pure returns (uint64) {
require(value < (2 ** 64 * DEDUCTED_DIGITS), "Max value exceeded");
return uint64(shrinkable(value) / DEDUCTED_DIGITS);
}
function shrinkable(uint256 value) internal pure returns (uint256) {
require(value % DEDUCTED_DIGITS == 0, "Max precision exceeded");
return value;
}
}
// SPDX-License-Identifier: GPL-3.0-or-later
pragma solidity 0.8.24;
import {ISSVOperators} from "../interfaces/ISSVOperators.sol";
import {Types64, Types256} from "../libraries/Types.sol";
import {SSVStorage, StorageData} from "../libraries/SSVStorage.sol";
import {SSVStorageProtocol, StorageProtocol} from "../libraries/SSVStorageProtocol.sol";
import "../libraries/OperatorLib.sol";
import "../libraries/CoreLib.sol";
import {Counters} from "@openzeppelin/contracts/utils/Counters.sol";
contract SSVOperators is ISSVOperators {
uint64 private constant MINIMAL_OPERATOR_FEE = 1_000_000_000;
uint64 private constant PRECISION_FACTOR = 10_000;
using Types256 for uint256;
using Types64 for uint64;
using Counters for Counters.Counter;
using OperatorLib for Operator;
/*******************************/
/* Operator External Functions */
/*******************************/
function registerOperator(
bytes calldata publicKey,
uint256 fee,
bool setPrivate
) external override returns (uint64 id) {
if (fee != 0 && fee < MINIMAL_OPERATOR_FEE) {
revert ISSVNetworkCore.FeeTooLow();
}
if (fee > SSVStorageProtocol.load().operatorMaxFee) {
revert ISSVNetworkCore.FeeTooHigh();
}
StorageData storage s = SSVStorage.load();
bytes32 hashedPk = keccak256(publicKey);
if (s.operatorsPKs[hashedPk] != 0) revert ISSVNetworkCore.OperatorAlreadyExists();
s.lastOperatorId.increment();
id = uint64(s.lastOperatorId.current());
s.operators[id] = Operator({
owner: msg.sender,
snapshot: ISSVNetworkCore.Snapshot({block: uint32(block.number), index: 0, balance: 0}),
validatorCount: 0,
fee: fee.shrink(),
whitelisted: setPrivate
});
s.operatorsPKs[hashedPk] = id;
uint64[] memory operatorIds = new uint64[](1);
operatorIds[0] = id;
emit OperatorAdded(id, msg.sender, publicKey, fee);
emit OperatorPrivacyStatusUpdated(operatorIds, setPrivate);
}
function removeOperator(uint64 operatorId) external override {
StorageData storage s = SSVStorage.load();
Operator memory operator = s.operators[operatorId];
operator.checkOwner();
operator.updateSnapshot();
uint64 currentBalance = operator.snapshot.balance;
operator.snapshot.block = 0;
operator.snapshot.balance = 0;
operator.validatorCount = 0;
operator.fee = 0;
s.operators[operatorId] = operator;
delete s.operatorsWhitelist[operatorId];
if (currentBalance > 0) {
_transferOperatorBalanceUnsafe(operatorId, currentBalance.expand());
}
emit OperatorRemoved(operatorId);
}
function declareOperatorFee(uint64 operatorId, uint256 fee) external override {
StorageData storage s = SSVStorage.load();
s.operators[operatorId].checkOwner();
StorageProtocol storage sp = SSVStorageProtocol.load();
if (fee != 0 && fee < MINIMAL_OPERATOR_FEE) revert FeeTooLow();
if (fee > sp.operatorMaxFee) revert FeeTooHigh();
uint64 operatorFee = s.operators[operatorId].fee;
uint64 shrunkFee = fee.shrink();
if (operatorFee == shrunkFee) {
revert SameFeeChangeNotAllowed();
} else if (shrunkFee != 0 && operatorFee == 0) {
revert FeeIncreaseNotAllowed();
}
// @dev 100% = 10000, 10% = 1000 - using 10000 to represent 2 digit precision
uint64 maxAllowedFee = (operatorFee * (PRECISION_FACTOR + sp.operatorMaxFeeIncrease)) / PRECISION_FACTOR;
if (shrunkFee > maxAllowedFee) revert FeeExceedsIncreaseLimit();
s.operatorFeeChangeRequests[operatorId] = OperatorFeeChangeRequest(
shrunkFee,
uint64(block.timestamp) + sp.declareOperatorFeePeriod,
uint64(block.timestamp) + sp.declareOperatorFeePeriod + sp.executeOperatorFeePeriod
);
emit OperatorFeeDeclared(msg.sender, operatorId, block.number, fee);
}
function executeOperatorFee(uint64 operatorId) external override {
StorageData storage s = SSVStorage.load();
Operator memory operator = s.operators[operatorId];
operator.checkOwner();
OperatorFeeChangeRequest memory feeChangeRequest = s.operatorFeeChangeRequests[operatorId];
if (feeChangeRequest.approvalBeginTime == 0) revert NoFeeDeclared();
if (
block.timestamp < feeChangeRequest.approvalBeginTime || block.timestamp > feeChangeRequest.approvalEndTime
) {
revert ApprovalNotWithinTimeframe();
}
if (feeChangeRequest.fee.expand() > SSVStorageProtocol.load().operatorMaxFee) revert FeeTooHigh();
operator.updateSnapshot();
operator.fee = feeChangeRequest.fee;
s.operators[operatorId] = operator;
delete s.operatorFeeChangeRequests[operatorId];
emit OperatorFeeExecuted(msg.sender, operatorId, block.number, feeChangeRequest.fee.expand());
}
function cancelDeclaredOperatorFee(uint64 operatorId) external override {
StorageData storage s = SSVStorage.load();
s.operators[operatorId].checkOwner();
if (s.operatorFeeChangeRequests[operatorId].approvalBeginTime == 0) revert NoFeeDeclared();
delete s.operatorFeeChangeRequests[operatorId];
emit OperatorFeeDeclarationCancelled(msg.sender, operatorId);
}
function reduceOperatorFee(uint64 operatorId, uint256 fee) external override {
StorageData storage s = SSVStorage.load();
Operator memory operator = s.operators[operatorId];
operator.checkOwner();
if (fee != 0 && fee < MINIMAL_OPERATOR_FEE) revert FeeTooLow();
uint64 shrunkAmount = fee.shrink();
if (shrunkAmount >= operator.fee) revert FeeIncreaseNotAllowed();
operator.updateSnapshot();
operator.fee = shrunkAmount;
s.operators[operatorId] = operator;
delete s.operatorFeeChangeRequests[operatorId];
emit OperatorFeeExecuted(msg.sender, operatorId, block.number, fee);
}
function setOperatorsPrivateUnchecked(uint64[] calldata operatorIds) external override {
OperatorLib.updatePrivacyStatus(operatorIds, true, SSVStorage.load());
emit OperatorPrivacyStatusUpdated(operatorIds, true);
}
function setOperatorsPublicUnchecked(uint64[] calldata operatorIds) external override {
OperatorLib.updatePrivacyStatus(operatorIds, false, SSVStorage.load());
emit OperatorPrivacyStatusUpdated(operatorIds, false);
}
function withdrawOperatorEarnings(uint64 operatorId, uint256 amount) external override {
_withdrawOperatorEarnings(operatorId, amount);
}
function withdrawAllOperatorEarnings(uint64 operatorId) external override {
_withdrawOperatorEarnings(operatorId, 0);
}
// private functions
function _withdrawOperatorEarnings(uint64 operatorId, uint256 amount) private {
StorageData storage s = SSVStorage.load();
Operator memory operator = s.operators[operatorId];
operator.checkOwner();
operator.updateSnapshot();
uint64 shrunkWithdrawn;
uint64 shrunkAmount = amount.shrink();
if (amount == 0 && operator.snapshot.balance > 0) {
shrunkWithdrawn = operator.snapshot.balance;
} else if (amount > 0 && operator.snapshot.balance >= shrunkAmount) {
shrunkWithdrawn = shrunkAmount;
} else {
revert InsufficientBalance();
}
operator.snapshot.balance -= shrunkWithdrawn;
s.operators[operatorId] = operator;
_transferOperatorBalanceUnsafe(operatorId, shrunkWithdrawn.expand());
}
function _transferOperatorBalanceUnsafe(uint64 operatorId, uint256 amount) private {
CoreLib.transferBalance(msg.sender, amount);
emit OperatorWithdrawn(msg.sender, operatorId, amount);
}
}