-
Notifications
You must be signed in to change notification settings - Fork 5
/
Vault.sol
127 lines (113 loc) · 4.78 KB
/
Vault.sol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.13;
import {IERC20} from "@openzeppelin/contracts/interfaces/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {TokenHandler} from "../utils/TokenHandler.sol";
import {VaultStorageV1} from "./VaultStorage.sol";
import {IVaultFactory} from "../interfaces/IVaultFactory.sol";
/**
* @title Vault Implementation
* @author Immunefi
* @notice Vaults are upgradeable. To not brick this, we use upgradeable libs and inherited storage
*/
contract Vault is TokenHandler, VaultStorageV1 {
using SafeERC20 for IERC20;
address private immutable _implementation; // immutable vars dont occupy storage slots
constructor() {
_implementation = address(this);
}
struct ERC20Payment {
address token;
uint256 amount;
}
event Withdraw(ERC20Payment[] withdrawal, uint256 nativeTokenAmt);
event PayWhitehat(bytes32 indexed referenceId, address wh, ERC20Payment[] payout, uint256 nativeTokenAmt, address feeTo, uint256 fee);
event PausedOnImmunefi(bool isPaused);
/**
* @notice Initializes the vault (proxy) with a specified owner
* @dev Can only be delegatecalled
* @param _owner The address which will own the vault
*/
function initialize(
address _owner,
bytes calldata /* optionalCalldata in the future */
) public initializer {
require(address(this) != _implementation, "Vault: Can only be called by proxy");
__Ownable_init();
transferOwnership(_owner);
vaultFactory = IVaultFactory(_msgSender());
}
/**
* @notice Delete renounce ownership functionality
*/
function renounceOwnership() public view override onlyOwner {
revert("renounce disabled");
}
/**
* @notice Withdraws tokens to the owner account
* @param withdrawal The payout of tokens/token amounts to withdraw
* @param nativeTokenAmt The payout of native Ether amount to withdraw
*/
function withdraw(ERC20Payment[] calldata withdrawal, uint256 nativeTokenAmt) public onlyOwner {
address payable owner = payable(owner());
uint256 length = withdrawal.length;
for (uint256 i; i < length; i++) {
IERC20(withdrawal[i].token).safeTransfer(owner, withdrawal[i].amount);
}
if (nativeTokenAmt > 0) {
(bool success, ) = owner.call{value: nativeTokenAmt}("");
require(success, "Vault: Failed to send ether to owner");
}
emit Withdraw(withdrawal, nativeTokenAmt);
}
/**
* @notice Pay a whitehat
* @dev Only callable by owner
* @dev If whitehats attempt to grief payments, project/immunefi reserves the right to nullify bounty payout
* @dev The amount of gas forwarded to the whitehat should be enough for a delegatecall to be made to support
* gnosis safe wallets
* @param referenceId id reference to report
* @param wh whitehat address
* @param payout The payout of tokens/token amounts to whitehat
* @param nativeTokenAmt The payout of native Ether amount to whitehat
* @param gas The amount of gas to forward to the whitehat to mitigate gas griefing
*/
function payWhitehat(
bytes32 referenceId,
address payable wh,
ERC20Payment[] calldata payout,
uint256 nativeTokenAmt,
uint256 gas
) public onlyOwner {
address payable feeTo = payable(vaultFactory.feeTo());
uint256 fee = vaultFactory.fee();
uint256 feeBasis = vaultFactory.FEE_BASIS();
uint256 length = payout.length;
for (uint256 i; i < length; i++) {
IERC20(payout[i].token).safeTransfer(feeTo, (payout[i].amount * fee) / feeBasis);
IERC20(payout[i].token).safeTransfer(wh, payout[i].amount);
}
if (nativeTokenAmt > 0) {
(bool success, ) = feeTo.call{value: (nativeTokenAmt * fee) / feeBasis}("");
require(success, "Vault: Failed to send ether to fee receiver");
(success, ) = wh.call{value: nativeTokenAmt, gas: gas}("");
require(success, "Vault: Failed to send ether to whitehat");
}
emit PayWhitehat(referenceId, wh, payout, nativeTokenAmt, feeTo, fee);
}
/**
* @notice Allows receival of eth
*/
receive() external payable {}
/**
* @notice Sets isPausedOnImmunefi
* @dev Only callable by owner
* @dev Owner needs to set isPausedOnImmunefi to false before they can soft delete the vault on Immunefi
* @dev This value is only used in the frontend
* @param isPaused The value to store in isPausedOnImmunefi
*/
function setIsPausedOnImmunefi(bool isPaused) public onlyOwner {
isPausedOnImmunefi = isPaused;
emit PausedOnImmunefi(isPaused);
}
}