Contract Name:
WitnetProxy
Contract Source Code:
// SPDX-License-Identifier: MIT
pragma solidity >=0.7.0 <0.9.0;
pragma experimental ABIEncoderV2;
import "../patterns/Upgradeable.sol";
/// @title WitnetProxy: upgradable delegate-proxy contract.
/// @author Guillermo Díaz <[email protected]>
contract WitnetProxy {
/// Event emitted every time the implementation gets updated.
event Upgraded(address indexed implementation);
/// Constructor with no params as to ease eventual support of Singleton pattern (i.e. ERC-2470).
constructor () {}
receive() virtual external payable {}
/// Payable fallback accepts delegating calls to payable functions.
fallback() external payable { /* solhint-disable no-complex-fallback */
address _implementation = implementation();
assembly { /* solhint-disable avoid-low-level-calls */
// Gas optimized delegate call to 'implementation' contract.
// Note: `msg.data`, `msg.sender` and `msg.value` will be passed over
// to actual implementation of `msg.sig` within `implementation` contract.
let ptr := mload(0x40)
calldatacopy(ptr, 0, calldatasize())
let result := delegatecall(gas(), _implementation, ptr, calldatasize(), 0, 0)
let size := returndatasize()
returndatacopy(ptr, 0, size)
switch result
case 0 {
// pass back revert message:
revert(ptr, size)
}
default {
// pass back same data as returned by 'implementation' contract:
return(ptr, size)
}
}
}
/// Returns proxy's current implementation address.
function implementation() public view returns (address) {
return __proxySlot().implementation;
}
/// Upgrades the `implementation` address.
/// @param _newImplementation New implementation address.
/// @param _initData Raw data with which new implementation will be initialized.
/// @return Returns whether new implementation would be further upgradable, or not.
function upgradeTo(address _newImplementation, bytes memory _initData)
public returns (bool)
{
// New implementation cannot be null:
require(_newImplementation != address(0), "WitnetProxy: null implementation");
address _oldImplementation = implementation();
if (_oldImplementation != address(0)) {
// New implementation address must differ from current one:
require(_newImplementation != _oldImplementation, "WitnetProxy: nothing to upgrade");
// Assert whether current implementation is intrinsically upgradable:
try Upgradeable(_oldImplementation).isUpgradable() returns (bool _isUpgradable) {
require(_isUpgradable, "WitnetProxy: not upgradable");
} catch {
revert("WitnetProxy: unable to check upgradability");
}
// Assert whether current implementation allows `msg.sender` to upgrade the proxy:
(bool _wasCalled, bytes memory _result) = _oldImplementation.delegatecall(
abi.encodeWithSignature(
"isUpgradableFrom(address)",
msg.sender
)
);
require(_wasCalled, "WitnetProxy: uncompliant implementation");
require(abi.decode(_result, (bool)), "WitnetProxy: not authorized");
require(
Upgradeable(_oldImplementation).proxiableUUID() == Upgradeable(_newImplementation).proxiableUUID(),
"WitnetProxy: proxiableUUIDs mismatch"
);
}
// Initialize new implementation within proxy-context storage:
(bool _wasInitialized, bytes memory _returnData) = _newImplementation.delegatecall(
abi.encodeWithSignature(
"initialize(bytes)",
_initData
)
);
if (!_wasInitialized) {
if (_returnData.length < 68) {
revert("WitnetProxy: initialization failed");
} else {
assembly {
_returnData := add(_returnData, 0x04)
}
revert(abi.decode(_returnData, (string)));
}
}
// If all checks and initialization pass, update implementation address:
__proxySlot().implementation = _newImplementation;
emit Upgraded(_newImplementation);
// Asserts new implementation complies w/ minimal implementation of Upgradeable interface:
try Upgradeable(_newImplementation).isUpgradable() returns (bool _isUpgradable) {
return _isUpgradable;
}
catch {
revert ("WitnetProxy: uncompliant implementation");
}
}
/// @dev Complying with EIP-1967, retrieves storage struct containing proxy's current implementation address.
function __proxySlot() private pure returns (Proxiable.ProxiableSlot storage _slot) {
assembly {
// bytes32(uint256(keccak256('eip1967.proxy.implementation')) - 1)
_slot.slot := 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc
}
}
}
// SPDX-License-Identifier: MIT
/* solhint-disable var-name-mixedcase */
pragma solidity >=0.6.0 <0.9.0;
import "@openzeppelin/contracts/utils/introspection/ERC165.sol";
import "./Initializable.sol";
import "./Proxiable.sol";
abstract contract Upgradeable is Initializable, Proxiable {
address internal immutable _BASE;
bytes32 internal immutable _CODEHASH;
bool internal immutable _UPGRADABLE;
modifier onlyDelegateCalls virtual {
require(
address(this) != _BASE,
"Upgradeable: not a delegate call"
);
_;
}
/// Emitted every time the contract gets upgraded.
/// @param from The address who ordered the upgrading. Namely, the WRB operator in "trustable" implementations.
/// @param baseAddr The address of the new implementation contract.
/// @param baseCodehash The EVM-codehash of the new implementation contract.
/// @param versionTag Ascii-encoded version literal with which the implementation deployer decided to tag it.
event Upgraded(
address indexed from,
address indexed baseAddr,
bytes32 indexed baseCodehash,
string versionTag
);
constructor (bool _isUpgradable) {
address _base = address(this);
_BASE = _base;
_UPGRADABLE = _isUpgradable;
}
/// @dev Retrieves base contract. Differs from address(this) when called via delegate-proxy pattern.
function base() public view returns (address) {
return _BASE;
}
/// @dev Retrieves the immutable codehash of this contract, even if invoked as delegatecall.
function codehash() public view returns (bytes32 _codehash) {
address _base = _BASE;
assembly {
_codehash := extcodehash(_base)
}
}
/// @dev Determines whether the logic of this contract is potentially upgradable.
function isUpgradable() public view returns (bool) {
return _UPGRADABLE;
}
/// @dev Tells whether provided address could eventually upgrade the contract.
function isUpgradableFrom(address from) virtual external view returns (bool);
/// @notice Re-initialize contract's storage context upon a new upgrade from a proxy.
/// @dev Must fail when trying to upgrade to same logic contract more than once.
function initialize(bytes memory) virtual external;
/// @dev Retrieves human-redable named version of current implementation.
function version() virtual public view returns (string memory);
}
// SPDX-License-Identifier: MIT
pragma solidity >=0.6.0 <0.9.0;
abstract contract Proxiable {
/// @dev Complying with EIP-1822: Universal Upgradeable Proxy Standard (UUPS)
/// @dev See https://eips.ethereum.org/EIPS/eip-1822.
function proxiableUUID() virtual external view returns (bytes32);
struct ProxiableSlot {
address implementation;
address proxy;
bytes32 codehash;
}
function __implementation() internal view returns (address) {
return __proxiable().implementation;
}
function __proxy() internal view returns (address) {
return __proxiable().proxy;
}
function __proxiable() internal pure returns (ProxiableSlot storage proxiable) {
assembly {
// bytes32(uint256(keccak256('eip1967.proxy.implementation')) - 1)
proxiable.slot := 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc
}
}
}
// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0 <0.9.0;
import "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/introspection/IERC165.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[EIP].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/introspection/ERC165.sol)
pragma solidity ^0.8.20;
import {IERC165} from "./IERC165.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*/
abstract contract ERC165 is IERC165 {
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
return interfaceId == type(IERC165).interfaceId;
}
}
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (proxy/utils/Initializable.sol)
pragma solidity ^0.8.20;
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```solidity
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
*
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/
abstract contract Initializable {
/**
* @dev Storage of the initializable contract.
*
* It's implemented on a custom ERC-7201 namespace to reduce the risk of storage collisions
* when using with upgradeable contracts.
*
* @custom:storage-location erc7201:openzeppelin.storage.Initializable
*/
struct InitializableStorage {
/**
* @dev Indicates that the contract has been initialized.
*/
uint64 _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool _initializing;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.Initializable")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant INITIALIZABLE_STORAGE = 0xf0c57e16840df040f15088dc2f81fe391c3923bec73e23a9662efc9c229c6a00;
/**
* @dev The contract is already initialized.
*/
error InvalidInitialization();
/**
* @dev The contract is not initializing.
*/
error NotInitializing();
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/
event Initialized(uint64 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts.
*
* Similar to `reinitializer(1)`, except that in the context of a constructor an `initializer` may be invoked any
* number of times. This behavior in the constructor can be useful during testing and is not expected to be used in
* production.
*
* Emits an {Initialized} event.
*/
modifier initializer() {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
// Cache values to avoid duplicated sloads
bool isTopLevelCall = !$._initializing;
uint64 initialized = $._initialized;
// Allowed calls:
// - initialSetup: the contract is not in the initializing state and no previous version was
// initialized
// - construction: the contract is initialized at version 1 (no reininitialization) and the
// current contract is just being deployed
bool initialSetup = initialized == 0 && isTopLevelCall;
bool construction = initialized == 1 && address(this).code.length == 0;
if (!initialSetup && !construction) {
revert InvalidInitialization();
}
$._initialized = 1;
if (isTopLevelCall) {
$._initializing = true;
}
_;
if (isTopLevelCall) {
$._initializing = false;
emit Initialized(1);
}
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* A reinitializer may be used after the original initialization step. This is essential to configure modules that
* are added through upgrades and that require initialization.
*
* When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
* cannot be nested. If one is invoked in the context of another, execution will revert.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*
* WARNING: Setting the version to 2**64 - 1 will prevent any future reinitialization.
*
* Emits an {Initialized} event.
*/
modifier reinitializer(uint64 version) {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
if ($._initializing || $._initialized >= version) {
revert InvalidInitialization();
}
$._initialized = version;
$._initializing = true;
_;
$._initializing = false;
emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/
modifier onlyInitializing() {
_checkInitializing();
_;
}
/**
* @dev Reverts if the contract is not in an initializing state. See {onlyInitializing}.
*/
function _checkInitializing() internal view virtual {
if (!_isInitializing()) {
revert NotInitializing();
}
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*
* Emits an {Initialized} event the first time it is successfully executed.
*/
function _disableInitializers() internal virtual {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
if ($._initializing) {
revert InvalidInitialization();
}
if ($._initialized != type(uint64).max) {
$._initialized = type(uint64).max;
emit Initialized(type(uint64).max);
}
}
/**
* @dev Returns the highest version that has been initialized. See {reinitializer}.
*/
function _getInitializedVersion() internal view returns (uint64) {
return _getInitializableStorage()._initialized;
}
/**
* @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.
*/
function _isInitializing() internal view returns (bool) {
return _getInitializableStorage()._initializing;
}
/**
* @dev Returns a pointer to the storage namespace.
*/
// solhint-disable-next-line var-name-mixedcase
function _getInitializableStorage() private pure returns (InitializableStorage storage $) {
assembly {
$.slot := INITIALIZABLE_STORAGE
}
}
}