Untitled Diff

Created Diff never expires
// SPDX-License-Identifier: MIT
/**
pragma solidity ^0.8.0;
*Submitted for verification at Etherscan.io on 2022-02-01
*/

pragma solidity 0.4.26;

library SafeMath {


// OpenZeppelin contracts
/**
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
* @dev Multiplies two numbers, throws on overflow.
import {ReentrancyGuard} from "@openzeppelin/contracts/security/ReentrancyGuard.sol";
*/
import {IERC20, SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
function mul(uint256 a, uint256 b) internal pure returns (uint256 c) {
if (a == 0) {
return 0;
}
c = a * b;
assert(c / a == b);
return c;
}


// LooksRare interfaces
/**
import {ICurrencyManager} from "./interfaces/ICurrencyManager.sol";
* @dev Integer division of two numbers, truncating the quotient.
import {IExecutionManager} from "./interfaces/IExecutionManager.sol";
*/
import {IExecutionStrategy} from "./interfaces/IExecutionStrategy.sol";
function div(uint256 a, uint256 b) internal pure returns (uint256) {
import {IRoyaltyFeeManager} from "./interfaces/IRoyaltyFeeManager.sol";
// assert(b > 0); // Solidity automatically throws when dividing by 0
import {ILooksRareExchange} from "./interfaces/ILooksRareExchange.sol";
// uint256 c = a / b;
import {ITransferManagerNFT} from "./interfaces/ITransferManagerNFT.sol";
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
import {ITransferSelectorNFT} from "./interfaces/ITransferSelectorNFT.sol";
return a / b;
import {IWETH} from "./interfaces/IWETH.sol";
}

/**
* @dev Subtracts two numbers, throws on overflow (i.e. if subtrahend is greater than minuend).
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
assert(b <= a);
return a - b;
}

/**
* @dev Adds two numbers, throws on overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256 c) {
c = a + b;
assert(c >= a);
return c;
}
}

contract Ownable {
address public owner;


event OwnershipRenounced(address indexed previousOwner);
event OwnershipTransferred(
address indexed previousOwner,
address indexed newOwner
);


// LooksRare libraries
import {OrderTypes} from "./libraries/OrderTypes.sol";
import {SignatureChecker} from "./libraries/SignatureChecker.sol";
contract LooksRareExchange is ILooksRareExchange, ReentrancyGuard, Ownable {
using SafeERC20 for IERC20;


using OrderTypes for OrderTypes.MakerOrder;
/**
using OrderTypes for OrderTypes.TakerOrder;
* @dev The Ownable constructor sets the original `owner` of the contract to the sender
* account.
*/
constructor() public {
owner = msg.sender;
}


address public immutable WETH;
/**
bytes32 public immutable DOMAIN_SEPARATOR;
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
require(msg.sender == owner);
_;
}


address public protocolFeeRecipient;
/**
* @dev Allows the current owner to transfer control of the contract to a newOwner.
* @param newOwner The address to transfer ownership to.
*/
function transferOwnership(address newOwner) public onlyOwner {
require(newOwner != address(0));
emit OwnershipTransferred(owner, newOwner);
owner = newOwner;
}


ICurrencyManager public currencyManager;
/**
IExecutionManager public executionManager;
* @dev Allows the current owner to relinquish control of the contract.
IRoyaltyFeeManager public royaltyFeeManager;
*/
ITransferSelectorNFT public transferSelectorNFT;
function renounceOwnership() public onlyOwner {
emit OwnershipRenounced(owner);
owner = address(0);
}
}


mapping(address => uint256) public userMinOrderNonce;
contract ERC20Basic {
mapping(address => mapping(uint256 => bool)) private _isUserOrderNonceExecutedOrCancelled;
function totalSupply() public view returns (uint256);
function balanceOf(address who) public view returns (uint256);
function transfer(address to, uint256 value) public returns (bool);
event Transfer(address indexed from, address indexed to, uint256 value);
}


event CancelAllOrders(address indexed user, uint256 newMinNonce);
contract ERC20 is ERC20Basic {
event CancelMultipleOrders(address indexed user, uint256[] orderNonces);
function allowance(address owner, address spender)
event NewCurrencyManager(address indexed currencyManager);
public view returns (uint256);
event NewExecutionManager(address indexed executionManager);
event NewProtocolFeeRecipient(address indexed protocolFeeRecipient);
event NewRoyaltyFeeManager(address indexed royaltyFeeManager);
event NewTransferSelectorNFT(address indexed transferSelectorNFT);


event RoyaltyPayment(
function transferFrom(address from, address to, uint256 value)
address indexed collection,
public returns (bool);
uint256 indexed tokenId,
address indexed royaltyRecipient,
address currency,
uint256 amount
);


event TakerAsk(
function approve(address spender, uint256 value) public returns (bool);
bytes32 orderHash, // bid hash of the maker order
event Approval(
uint256 orderNonce, // user order nonce
address indexed owner,
address indexed taker, // sender address for the taker ask order
address indexed spender,
address indexed maker, // maker address of the initial bid order
uint256 value
address indexed strategy, // strategy that defines the execution
);
address currency, // currency address
}
address collection, // collection address
uint256 tokenId, // tokenId transferred
uint256 amount, // amount of tokens transferred
uint256 price // final transacted price
);


event TakerBid(
library ArrayUtils {
bytes32 orderHash, // ask hash of the maker order
uint256 orderNonce, // user order nonce
address indexed taker, // sender address for the taker bid order
address indexed maker, // maker address of the initial ask order
address indexed strategy, // strategy that defines the execution
address currency, // currency address
address collection, // collection address
uint256 tokenId, // tokenId transferred
uint256 amount, // amount of tokens transferred
uint256 price // final transacted price
);


/**
/**
* @notice Constructor
* Replace bytes in an array with bytes in another array, guarded by a bitmask
* @param _currencyManager currency manager address
* Efficiency of this function is a bit unpredictable because of the EVM's word-specific model (arrays under 32 bytes will be slower)
* @param _executionManager execution manager address
*
* @param _royaltyFeeManager royalty fee manager address
* @dev Mask must be the size of the byte array. A nonzero byte means the byte array can be changed.
* @param _WETH wrapped ether address (for other chains, use wrapped native asset)
* @param array The original array
* @param _protocolFeeRecipient protocol fee recipient
* @param desired The target array
* @param mask The mask specifying which bits can be changed
* @return The updated byte array (the parameter will be modified inplace)
*/
*/
constructor(
function guardedArrayReplace(bytes memory array, bytes memory desired, bytes memory mask)
address _currencyManager,
internal
address _executionManager,
pure
address _royaltyFeeManager,
{
address _WETH,
require(array.length == desired.length);
address _protocolFeeRecipient
require(array.length == mask.length);
) {

// Calculate the domain separator
uint words = array.length / 0x20;
DOMAIN_SEPARATOR = keccak256(
uint index = words * 0x20;
abi.encode(
assert(index / 0x20 == words);
0x8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f, // keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)")
uint i;
0xda9101ba92939daf4bb2e18cd5f942363b9297fbc3232c9dd964abb1fb70ed71, // keccak256("LooksRareExchange")

0xc89efdaa54c0f20c7adf612882df0950f5a951637e0307cdcb4c672f298b8bc6, // keccak256(bytes("1")) for versionId = 1
for (i = 0; i < words; i++) {
block.chainid,
/* Conceptually: array[i] = (!mask[i] && array[i]) || (mask[i] && desired[i]), bitwise in word chunks. */
address(this)
assembly {
)
let commonIndex := mul(0x20, add(1, i))
);
let maskValue := mload(add(mask, commonIndex))
mstore(add(array, commonIndex), or(and(not(maskValue), mload(add(array, commonIndex))), and(maskValue, mload(add(desired, commonIndex)))))
}
}


currencyManager = ICurrencyManager(_currencyManager);
/* Deal with the last section of the byte array. */
executionManager = IExecutionManager(_executionManager);
if (words > 0) {
royaltyFeeManager = IRoyaltyFeeManager(_royaltyFeeManager);
/* This overlaps with bytes already set but is still more efficient than iterating through each of the remaining bytes individually. */
WETH = _WETH;
i = words;
protocolFeeRecipient = _protocolFeeRecipient;
assembly {
let commonIndex := mul(0x20, add(1, i))
let maskValue := mload(add(mask, commonIndex))
mstore(add(array, commonIndex), or(and(not(maskValue), mload(add(array, commonIndex))), and(maskValue, mload(add(desired, commonIndex)))))
}
} else {
/* If the byte array is shorter than a word, we must unfortunately do the whole thing bytewise.
(bounds checks could still probably be optimized away in assembly, but this is a rare case) */
for (i = index; i < array.length; i++) {
array[i] = ((mask[i] ^ 0xff) & array[i]) | (mask[i] & desired[i]);
}
}
}
}


/**
/**
* @notice Cancel all pending orders for a sender
* Test if two arrays are equal
* @param minNonce minimum user nonce
* @param a First array
* @param b Second array
* @return Whether or not all bytes in the arrays are equal
*/
*/
function cancelAllOrdersForSender(uint256 minNonce) external {
function arrayEq(bytes memory a, bytes memory b)
require(minNonce > userMinOrderNonce[msg.sender], "Cancel: Order nonce lower than current");
internal
require(minNonce < userMinOrderNonce[msg.sender] + 500000, "Cancel: Cannot cancel more orders");
pure
userMinOrderNonce[msg.sender] = minNonce;
returns (bool)
{
return keccak256(a) == keccak256(b);
}


emit CancelAllOrders(msg.sender, minNonce);
/**
* Unsafe write byte array into a memory location
*
* @param index Memory location
* @param source Byte array to write
* @return End memory index
*/
function unsafeWriteBytes(uint index, bytes source)
internal
pure
returns (uint)
{
if (source.length > 0) {
assembly {
let length := mload(source)
let end := add(source, add(0x20, length))
let arrIndex := add(source, 0x20)
let tempIndex := index
for { } eq(lt(arrIndex, end), 1) {
arrIndex := add(arrIndex, 0x20)
tempIndex := add(tempIndex, 0x20)
} {
mstore(tempIndex, mload(arrIndex))
}
index := add(index, length)
}
}
return index;
}
}


/**
/**
* @notice Cancel maker orders
* Unsafe write address into a memory location
* @param orderNonces array of order nonces
*
* @param index Memory location
* @param source Address to write
* @return End memory index
*/
*/
function cancelMultipleMakerOrders(uint256[] calldata orderNonces) external {
function unsafeWriteAddress(uint index, address source)
require(orderNonces.length > 0, "Cancel: Cannot be empty");
internal

pure
for (uint256 i = 0; i < orderNonces.length; i++) {
returns (uint)
require(orderNonces[i] >= userMinOrderNonce[msg.sender], "Cancel: Order nonce lower than current");
{
_isUserOrderNonceExecutedOrCancelled[msg.sender][orderNonces[i]] = true;
uint conv = uint(source) << 0x60;
assembly {
mstore(index, conv)
index := add(index, 0x14)
}
}
return index;
}


emit CancelMultipleOrders(msg.sender, orderNonces);
/**
* Unsafe write address into a memory location using entire word
*
* @param index Memory location
* @param source uint to write
* @return End memory index
*/
function unsafeWriteAddressWord(uint index, address source)
internal
pure
returns (uint)
{
assembly {
mstore(index, source)
index := add(index, 0x20)
}
return index;
}
}


/**
/**
* @notice Match ask with a taker bid order using ETH
* Unsafe write uint into a memory location
* @param takerBid taker bid order
*
* @param makerAsk maker ask order
* @param index Memory location
* @param source uint to write
* @return End memory index
*/
*/
function matchAskWithTakerBidUsingETHAndWETH(
function unsafeWriteUint(uint index, uint source)
OrderTypes.TakerOrder calldata takerBid,
internal
OrderTypes.MakerOrder calldata makerAsk
pure
) external payable override nonReentrant {
returns (uint)
require((makerAsk.isOrderAsk) && (!takerBid.isOrderAsk), "Order: Wrong sides");
{
require(makerAsk.currency == WETH, "Order: Currency must be WETH");
assembly {
require(msg.sender == takerBid.taker, "Order: Taker must be the sender");
mstore(index, source)
index := add(index, 0x20)
}
return index;
}


// If not enough ETH to cover the price, use WETH
/**
if (takerBid.price > msg.value) {
* Unsafe write uint8 into a memory location
IERC20(WETH).safeTransferFrom(msg.sender, address(this), (takerBid.price - msg.value));
*
} else {
* @param index Memory location
require(takerBid.price == msg.value, "Order: Msg.value too high");
* @param source uint8 to write
* @return End memory index
*/
function unsafeWriteUint8(uint index, uint8 source)
internal
pure
returns (uint)
{
assembly {
mstore8(index, source)
index := add(index, 0x1)
}
}
return index;
}


// Wrap ETH sent to this contract
/**
IWETH(WETH).deposit{value: msg.value}();
* Unsafe write uint8 into a memory location using entire word
*
* @param index Memory location
* @param source uint to write
* @return End memory index
*/
function unsafeWriteUint8Word(uint index, uint8 source)
internal
pure
returns (uint)
{
assembly {
mstore(index, source)
index := add(index, 0x20)
}
return index;
}


// Check the maker ask order
/**
bytes32 askHash = makerAsk.hash();
* Unsafe write bytes32 into a memory location using entire word
_validateOrder(makerAsk, askHash);
*
* @param index Memory location
* @param source uint to write
* @return End memory index
*/
function unsafeWriteBytes32(uint index, bytes32 source)
internal
pure
returns (uint)
{
assembly {
mstore(index, source)
index := add(index, 0x20)
}
return index;
}
}


// Retrieve execution parameters
contract ReentrancyGuarded {
(bool isExecutionValid, uint256 tokenId, uint256 amount) = IExecutionStrategy(makerAsk.strategy)
.canExecuteTakerBid(takerBid, makerAsk);


require(isExecutionValid, "Strategy: Execution invalid");
bool reentrancyLock = false;


// Update maker ask order status to true (prevents replay)
/* Prevent a contract function from being reentrant-called. */
_isUserOrderNonceExecutedOrCancelled[makerAsk.signer][makerAsk.nonce] = true;
modifier reentrancyGuard {
if (reentrancyLock) {
revert();
}
reentrancyLock = true;
_;
reentrancyLock = false;
}


// Execution part 1/2
}
_transferFeesAndFundsWithWETH(
makerAsk.strategy,
makerAsk.collection,
tokenId,
makerAsk.signer,
takerBid.price,
makerAsk.minPercentageToAsk
);


// Execution part 2/2
contract TokenRecipient {
_transferNonFungibleToken(makerAsk.collection, makerAsk.signer, takerBid.taker, tokenId, amount);
event ReceivedEther(address indexed sender, uint amount);
event ReceivedTokens(address indexed from, uint256 value, address indexed token, bytes extraData);


emit TakerBid(
/**
askHash,
* @dev Receive tokens and generate a log event
makerAsk.nonce,
* @param from Address from which to transfer tokens
takerBid.taker,
* @param value Amount of tokens to transfer
makerAsk.signer,
* @param token Address of token
makerAsk.strategy,
* @param extraData Additional data to log
makerAsk.currency,
*/
makerAsk.collection,
function receiveApproval(address from, uint256 value, address token, bytes extraData) public {
tokenId,
ERC20 t = ERC20(token);
amount,
require(t.transferFrom(from, this, value));
takerBid.price
emit ReceivedTokens(from, value, token, extraData);
);
}
}


/**
/**
* @notice Match a takerBid with a matchAsk
* @dev Receive Ether and generate a log event
* @param takerBid taker bid order
* @param makerAsk maker ask order
*/
*/
function matchAskWithTakerBid(OrderTypes.TakerOrder calldata takerBid, OrderTypes.MakerOrder calldata makerAsk)
function () payable public {
external
emit ReceivedEther(msg.sender, msg.value);
override
}
nonReentrant
}
{

require((makerAsk.isOrderAsk) && (!takerBid.isOrderAsk), "Order: Wrong sides");
contract ExchangeCore is ReentrancyGuarded, Ownable {
require(msg.sender == takerBid.taker, "Order: Taker must be the sender");
string public constant name = "Wyvern Exchange Contract";
string public constant version = "2.3";


// Check the maker ask order
// NOTE: these hashes are derived and verified in the constructor.
bytes32 askHash = makerAsk.hash();
bytes32 private constant _EIP_712_DOMAIN_TYPEHASH = 0x8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f;
_validateOrder(makerAsk, askHash);
bytes32 private constant _NAME_HASH = 0x9a2ed463836165738cfa54208ff6e7847fd08cbaac309aac057086cb0a144d13;
bytes32 private constant _VERSION_HASH = 0xe2fd538c762ee69cab09ccd70e2438075b7004dd87577dc3937e9fcc8174bb64;
bytes32 private constant _ORDER_TYPEHASH = 0xdba08a88a748f356e8faf8578488343eab21b1741728779c9dcfdc782bc800f8;

bytes4 private constant _EIP_1271_MAGIC_VALUE = 0x1626ba7e;

// // NOTE: chainId opcode is not supported in solidiy 0.4.x; here we hardcode as 1.
// In order to protect against orders that are replayable across forked chains,
// either the solidity version needs to be bumped up or it needs to be retrieved
// from another contract.
uint256 private constant _CHAIN_ID = 1;

// Note: the domain separator is derived and verified in the constructor. */
bytes32 public constant DOMAIN_SEPARATOR = 0x72982d92449bfb3d338412ce4738761aff47fb975ceb17a1bc3712ec716a5a68;

/* The token used to pay exchange fees. */
ERC20 public exchangeToken;

/* User registry. */
ProxyRegistry public registry;


(bool isExecutionValid, uint256 tokenId, uint256 amount) = IExecutionStrategy(makerAsk.strategy)
/* Token transfer proxy. */
.canExecuteTakerBid(takerBid, makerAsk);
TokenTransferProxy public tokenTransferProxy;


require(isExecutionValid, "Strategy: Execution invalid");
/* Cancelled / finalized orders, by hash. */
mapping(bytes32 => bool) public cancelledOrFinalized;


// Update maker ask order status to true (prevents replay)
/* Orders verified by on-chain approval (alternative to ECDSA signatures so that smart contracts can place orders directly). */
_isUserOrderNonceExecutedOrCancelled[makerAsk.signer][makerAsk.nonce] = true;
/* Note that the maker's nonce at the time of approval **plus one** is stored in the mapping. */
mapping(bytes32 => uint256) private _approvedOrdersByNonce;


// Execution part 1/2
/* Track per-maker nonces that can be incremented by the maker to cancel orders in bulk. */
_transferFeesAndFunds(
// The current nonce for the maker represents the only valid nonce that can be signed by the maker
makerAsk.strategy,
// If a signature was signed with a nonce that's different from the one stored in nonces, it
makerAsk.collection,
// will fail validation.
tokenId,
mapping(address => uint256) public nonces;
makerAsk.currency,
msg.sender,
makerAsk.signer,
takerBid.price,
makerAsk.minPercentageToAsk
);


// Execution part 2/2
/* For split fee orders, minimum required protocol maker fee, in basis points. Paid to owner (who can change it). */
_transferNonFungibleToken(makerAsk.collection, makerAsk.signer, takerBid.taker, tokenId, amount);
uint public minimumMakerProtocolFee = 0;


emit TakerBid(
/* For split fee orders, minimum required protocol taker fee, in basis points. Paid to owner (who can change it). */
askHash,
uint public minimumTakerProtocolFee = 0;
makerAsk.nonce,
takerBid.taker,
makerAsk.signer,
makerAsk.strategy,
makerAsk.currency,
makerAsk.collection,
tokenId,
amount,
takerBid.price
);
}


/**
/* Recipient of protocol fees. */
* @notice Match a takerAsk with a makerBid
address public protocolFeeRecipient;
* @param takerAsk taker ask order
* @param makerBid maker bid order
*/
function matchBidWithTakerAsk(OrderTypes.TakerOrder calldata takerAsk, OrderTypes.MakerOrder calldata makerBid)
external
override
nonReentrant
{
require((!makerBid.isOrderAsk) && (takerAsk.isOrderAsk), "Order: Wrong sides");
require(msg.sender == takerAsk.taker, "Order: Taker must be the sender");


// Check the maker bid order
/* Fee method: protocol fee or split fee. */
bytes32 bidHash = makerBid.hash();
enum FeeMethod { ProtocolFee, SplitFee }
_validateOrder(makerBid, bidHash);


(bool isExecutionValid, uint256 tokenId, uint256 amount) = IExecutionStrategy(makerBid.strategy)
/* Inverse basis point. */
.canExecuteTakerAsk(takerAsk, makerBid);
uint public constant INVERSE_BASIS_POINT = 10000;


require(isExecutionValid, "Strategy: Execution invalid");
/* An ECDSA signature. */
struct Sig {
/* v parameter */
uint8 v;
/* r parameter */
bytes32 r;
/* s parameter */
bytes32 s;
}


// Update maker bid order status to true (prevents replay)
/* An order on the exchange. */
_isUserOrderNonceExecutedOrCancelled[makerBid.signer][makerBid.nonce] = true;
struct Order {
/* Exchange address, intended as a versioning mechanism. */
address exchange;
/* Order maker address. */
address maker;
/* Order taker address, if specified. */
address taker;
/* Maker relayer fee of the order, unused for taker order. */
uint makerRelayerFee;
/* Taker relayer fee of the order, or maximum taker fee for a taker order. */
uint takerRelayerFee;
/* Maker protocol fee of the order, unused for taker order. */
uint makerProtocolFee;
/* Taker protocol fee of the order, or maximum taker fee for a taker order. */
uint takerProtocolFee;
/* Order fee recipient or zero address for taker order. */
address feeRecipient;
/* Fee method (protocol token or split fee). */
FeeMethod feeMethod;
/* Side (buy/sell). */
SaleKindInterface.Side side;
/* Kind of sale. */
SaleKindInterface.SaleKind saleKind;
/* Target. */
address target;
/* HowToCall. */
AuthenticatedProxy.HowToCall howToCall;
/* Calldata. */
bytes calldata;
/* Calldata replacement pattern, or an empty byte array for no replacement. */
bytes replacementPattern;
/* Static call target, zero-address for no static call. */
address staticTarget;
/* Static call extra data. */
bytes staticExtradata;
/* Token used to pay for the order, or the zero-address as a sentinel value for Ether. */
address paymentToken;
/* Base price of the order (in paymentTokens). */
uint basePrice;
/* Auction extra parameter - minimum bid increment for English auctions, starting/ending price difference. */
uint extra;
/* Listing timestamp. */
uint listingTime;
/* Expiration timestamp - 0 for no expiry. */
uint expirationTime;
/* Order salt, used to prevent duplicate hashes. */
uint salt;
/* NOTE: uint nonce is an additional component of the order but is read from storage */
}


// Execution part 1/2
event OrderApprovedPartOne (bytes32 indexed hash, address exchange, address indexed maker, address taker, uint makerRelayerFee, uint takerRelayerFee, uint makerProtocolFee, uint takerProtocolFee, address indexed feeRecipient, FeeMethod feeMethod, SaleKindInterface.Side side, SaleKindInterface.SaleKind saleKind, address target);
_transferNonFungibleToken(makerBid.collection, msg.sender, makerBid.signer, tokenId, amount);
event OrderApprovedPartTwo (bytes32 indexed hash, AuthenticatedProxy.HowToCall howToCall, bytes calldata, bytes replacementPattern, address staticTarget, bytes staticExtradata, address paymentToken, uint basePrice, uint extra, uint listingTime, uint expirationTime, uint salt, bool orderbookInclusionDesired);
event OrderCancelled (bytes32 indexed hash);
event OrdersMatched (bytes32 buyHash, bytes32 sellHash, address indexed maker, address indexed taker, uint price, bytes32 indexed metadata);
event NonceIncremented (address indexed maker, uint newNonce);


// Execution part 2/2
constructor () public {
_transferFeesAndFunds(
require(keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)") == _EIP_712_DOMAIN_TYPEHASH);
makerBid.strategy,
require(keccak256(bytes(name)) == _NAME_HASH);
makerBid.collection,
require(keccak256(bytes(version)) == _VERSION_HASH);
tokenId,
require(keccak256("Order(address exchange,address maker,address taker,uint256 makerRelayerFee,uint256 takerRelayerFee,uint256 makerProtocolFee,uint256 takerProtocolFee,address feeRecipient,uint8 feeMethod,uint8 side,uint8 saleKind,address target,uint8 howToCall,bytes calldata,bytes replacementPattern,address staticTarget,bytes staticExtradata,address paymentToken,uint256 basePrice,uint256 extra,uint256 listingTime,uint256 expirationTime,uint256 salt,uint256 nonce)") == _ORDER_TYPEHASH);
makerBid.currency,
require(DOMAIN_SEPARATOR == _deriveDomainSeparator());
makerBid.signer,
}
takerAsk.taker,
takerAsk.price,
takerAsk.minPercentageToAsk
);


emit TakerAsk(
/**
bidHash,
* @dev Derive the domain separator for EIP-712 signatures.
makerBid.nonce,
* @return The domain separator.
takerAsk.taker,
*/
makerBid.signer,
function _deriveDomainSeparator() private view returns (bytes32) {
makerBid.strategy,
return keccak256(
makerBid.currency,
abi.encode(
makerBid.collection,
_EIP_712_DOMAIN_TYPEHASH, // keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)")
tokenId,
_NAME_HASH, // keccak256("Wyvern Exchange Contract")
amount,
_VERSION_HASH, // keccak256(bytes("2.3"))
takerAsk.price
_CHAIN_ID, // NOTE: this is fixed, need to use solidity 0.5+ or make external call to support!
address(this)
)
);
);
}
}


/**
/**
* @notice Update currency manager
* Increment a particular maker's nonce, thereby invalidating all orders that were not signed
* @param _currencyManager new currency manager address
* with the original nonce.
*/
*/
function updateCurrencyManager(address _currencyManager) external onlyOwner {
function incrementNonce() external {
require(_currencyManager != address(0), "Owner: Cannot be null address");
uint newNonce = ++nonces[msg.sender];
currencyManager = ICurrencyManager(_currencyManager);
emit NonceIncremented(msg.sender, newNonce);
emit NewCurrencyManager(_currencyManager);
}
}


/**
/**
* @notice Update execution manager
* @dev Change the minimum maker fee paid to the protocol (owner only)
* @param _executionManager new execution manager address
* @param newMinimumMakerProtocolFee New fee to set in basis points
*/
*/
function updateExecutionManager(address _executionManager) external onlyOwner {
function changeMinimumMakerProtocolFee(uint newMinimumMakerProtocolFee)
require(_executionManager != address(0), "Owner: Cannot be null address");
public
executionManager = IExecutionManager(_executionManager);
onlyOwner
emit NewExecutionManager(_executionManager);
{
minimumMakerProtocolFee = newMinimumMakerProtocolFee;
}
}


/**
/**
* @notice Update protocol fee and recipient
* @dev Change the minimum taker fee paid to the protocol (owner only)
* @param _protocolFeeRecipient new recipient for protocol fees
* @param newMinimumTakerProtocolFee New fee to set in basis points
*/
*/
function updateProtocolFeeRecipient(address _protocolFeeRecipient) external onlyOwner {
function changeMinimumTakerProtocolFee(uint newMinimumTakerProtocolFee)
protocolFeeRecipient = _protocolFeeRecipient;
public
emit NewProtocolFeeRecipient(_protocolFeeRecipient);
onlyOwner
{
minimumTakerProtocolFee = newMinimumTakerProtocolFee;
}
}


/**
/**
* @notice Update royalty fee manager
* @dev Change the protocol fee recipient (owner only)
* @param _royaltyFeeManager new fee manager address
* @param newProtocolFeeRecipient New protocol fee recipient address
*/
*/
function updateRoyaltyFeeManager(address _royaltyFeeManager) external onlyOwner {
function changeProtocolFeeRecipient(address newProtocolFeeRecipient)
require(_royaltyFeeManager != address(0), "Owner: Cannot be null address");
public
royaltyFeeManager = IRoyaltyFeeManager(_royaltyFeeManager);
onlyOwner
emit NewRoyaltyFeeManager(_royaltyFeeManager);
{
protocolFeeRecipient = newProtocolFeeRecipient;
}
}


/**
/**
* @notice Update transfer selector NFT
* @dev Transfer tokens
* @param _transferSelectorNFT new transfer selector address
* @param token Token to transfer
* @param from Address to charge fees
* @param to Address to receive fees
* @param amount Amount of protocol tokens to charge
*/
*/
function updateTransferSelectorNFT(address _transferSelectorNFT) external onlyOwner {
function transferTokens(address token, address from, address to, uint amount)
require(_transferSelectorNFT != address(0), "Owner: Cannot be null address");
internal
transferSelectorNFT = ITransferSelectorNFT(_transferSelectorNFT);
{

if (amount > 0) {
emit NewTransferSelectorNFT(_transferSelectorNFT);
require(tokenTransferProxy.transferFrom(token, from, to, amount));
}
}
}


/**
/**
* @notice Check whether user order nonce is executed or cancelled
* @dev Charge a fee in protocol tokens
* @param user address of user
* @param from Address to charge fees
* @param orderNonce nonce of the order
* @param to Address to receive fees
* @param amount Amount of protocol tokens to charge
*/
*/
function isUserOrderNonceExecutedOrCancelled(address user, uint256 orderNonce) external view returns (bool) {
function chargeProtocolFee(address from, address to, uint amount)
return _isUserOrderNonceExecutedOrCancelled[user][orderNonce];
internal
{
transferTokens(exchangeToken, from, to, amount);
}
}


/**
/**
* @notice Transfer fees and funds to royalty recipient, protocol, and seller
* @dev Execute a STATICCALL (introduced with Ethereum Metropolis, non-state-modifying external call)
* @param strategy address of the execution strategy
* @param target Contract to call
* @param collection non fungible token address for the transfer
* @param calldata Calldata (appended to extradata)
* @param tokenId tokenId
* @param extradata Base data for STATICCALL (probably function selector and argument encoding)
* @param currency currency being used for the purchase (e.g., WETH/USDC)
* @return The result of the call (success or failure)
* @param from sender of the funds
* @param to seller's recipient
* @param amount amount being transferred (in currency)
* @param minPercentageToAsk minimum percentage of the gross amount that goes to ask
*/
*/
function _transferFeesAndFunds(
function staticCall(address target, bytes memory calldata, bytes memory extradata)
address strategy,
public
address collection,
view
uint256 tokenId,
returns (bool result)
address currency,
{
address from,
bytes memory combined = new bytes(calldata.length + extradata.length);
address to,
uint index;
uint256 amount,
assembly {
uint256 minPercentageToAsk
index := add(combined, 0x20)
) internal {
// Initialize the final amount that is transferred to seller
uint256 finalSellerAmount = amount;

// 1. Protocol fee
{
uint256 protocolFeeAmount = _calculateProtocolFee(strategy, amount);

// Check if the protocol fee is different than 0 for this strategy
if ((protocolFeeRecipient != address(0)) && (protocolFeeAmount != 0)) {
IERC20(currency).safeTransferFrom(from, protocolFeeRecipient, protocolFeeAmount);
finalSellerAmount -= protocolFeeAmount;
}
}
}

index = ArrayUtils.unsafeWriteBytes(index, extradata);
// 2. Royalty fee
ArrayUtils.unsafeWriteBytes(index, calldata);
{
assembly {
(address royaltyFeeRecipient, uint256 royaltyFeeAmount) = royaltyFeeManager
result := staticcall(gas, target, add(combined, 0x20), mload(combined), mload(0x40), 0)
.calculateRoyaltyFeeAndGetRecipient(collection, tokenId, amount);

// Check if there is a royalty fee and that it is different to 0
if ((royaltyFeeRecipient != address(0)) && (royaltyFeeAmount != 0)) {
IERC20(currency).safeTransferFrom(from, royaltyFeeRecipient, royaltyFeeAmount);
finalSellerAmount -= royaltyFeeAmount;

emit RoyaltyPayment(collection, tokenId, royaltyFeeRecipient, currency, royaltyFeeAmount);
}
}

require((finalSellerAmount * 10000) >= (minPercentageToAsk * amount), "Fees: Higher than expected");

// 3. Transfer final amount (post-fees) to seller
{
IERC20(currency).safeTransferFrom(from, to, finalSellerAmount);
}
}
return result;
}
}


/**
/**
* @notice Transfer fees and funds to royalty recipient, protocol, and seller
* @dev Hash an order, returning the canonical EIP-712 order hash without the domain separator
* @param strategy address of the execution strategy
* @param order Order to hash
* @param collection non fungible token address for the transfer
* @param nonce maker nonce to hash
* @param tokenId tokenId
* @return Hash of order
* @param to seller's recipient
* @param amount amount being transferred (in currency)
* @param minPercentageToAsk minimum percentage of the gross amount that goes to ask
*/
*/
function _transferFeesAndFundsWithWETH(
function hashOrder(Order memory order, uint nonce)
address strategy,
internal
address collection,
pure
uint256 tokenId,
returns (bytes32 hash)
address to,
{
uint256 amount,
/* Unfortunately abi.encodePacked doesn't work here, stack size constraints. */
uint256 minPercentageToAsk
uint size = 800;
) internal {
bytes memory array = new bytes(size);
// Initialize the final amount that is transferred to seller
uint index;
uint256 finalSellerAmount = amount;
assembly {

index := add(array, 0x20)
// 1. Protocol fee
{
uint256 protocolFeeAmount = _calculateProtocolFee(strategy, amount);

// Check if the protocol fee is different than 0 for this strategy
if ((protocolFeeRecipient != address(0)) && (protocolFeeAmount != 0)) {
IERC20(WETH).safeTransfer(protocolFeeRecipient, protocolFeeAmount);
finalSellerAmount -= protocolFeeAmount;
}
}
}

index = ArrayUtils.unsafeWriteBytes32(index, _ORDER_TYPEHASH);
// 2. Royalty fee
index = ArrayUtils.unsafeWriteAddressWord(index, order.exchange);
{
index = ArrayUtils.unsafeWriteAddressWord(index, order.maker);
(address royaltyFeeRecipient, uint256 royaltyFeeAmount) = royaltyFeeManager
index = ArrayUtils.unsafeWriteAddressWord(index, order.taker);
.calculateRoyaltyFeeAndGetRecipient(collection, tokenId, amount);
index = ArrayUtils.unsafeWriteUint(index, order.makerRelayerFee);

index = ArrayUtils.unsafeWriteUint(index, order.takerRelayerFee);
// Check if there is a royalty fee and that it is different to 0
index = ArrayUtils.unsafeWriteUint(index, order.makerProtocolFee);
if ((royaltyFeeRecipient != address(0)) && (royaltyFeeAmount != 0)) {
index = ArrayUtils.unsafeWriteUint(index, order.takerProtocolFee);
IERC20(WETH).safeTransfer(royaltyFeeRecipient, royaltyFeeAmount);
index = ArrayUtils.unsafeWriteAddressWord(index, order.feeRecipient);
finalSellerAmount -= royaltyFeeAmount;
index = ArrayUtils.unsafeWriteUint8Word(index, uint8(order.feeMethod));

index = ArrayUtils.unsafeWriteUint8Word(index, uint8(order.side));
emit RoyaltyPayment(collection, tokenId, royaltyFeeRecipient, address(WETH), royaltyFeeAmount);
index = ArrayUtils.unsafeWriteUint8Word(index, uint8(order.saleKind));
}
index = ArrayUtils.unsafeWriteAddressWord(index, order.target);
}
index = ArrayUtils.unsafeWriteUint8Word(index, uint8(order.howToCall));

index = ArrayUtils.unsafeWriteBytes32(index, keccak256(order.calldata));
require((finalSellerAmount * 10000) >= (minPercentageToAsk * amount), "Fees: Higher than expected");
index = ArrayUtils.unsafeWriteBytes32(index, keccak256(order.replacementPattern));

index = ArrayUtils.unsafeWriteAddressWord(index, order.staticTarget);
// 3. Transfer final amount (post-fees) to seller
index = ArrayUtils.unsafeWriteBytes32(index, keccak256(order.staticExtradata));
{
index = ArrayUtils.unsafeWriteAddressWord(index, order.paymentToken);
IERC20(WETH).safeTransfer(to, finalSellerAmount);
index = ArrayUtils.unsafeWriteUint(index, order.basePrice);
index = ArrayUtils.unsafeWriteUint(index, order.extra);
index = ArrayUtils.unsafeWriteUint(index, order.listingTime);
index = ArrayUtils.unsafeWriteUint(index, order.expirationTime);
index = ArrayUtils.unsafeWriteUint(index, order.salt);
index = ArrayUtils.unsafeWriteUint(index, nonce);
assembly {
hash := keccak256(add(array, 0x20), size)
}
}
return hash;
}
}


/**
/**
* @notice Transfer NFT
* @dev Hash an order, returning the hash that a client must sign via EIP-712 including the message prefix
* @param collection address of the token collection
* @param order Order to hash
* @param from address of the sender
* @param nonce Nonce to hash
* @param to address of the recipient
* @return Hash of message prefix and order hash per Ethereum format
* @param tokenId tokenId
* @param amount amount of tokens (1 for ERC721, 1+ for ERC1155)
* @dev For ERC721, amount is not used
*/
*/
function _transferNonFungibleToken(
function hashToSign(Order memory order, uint nonce)
address collection,
internal
address from,
pure
address to,
returns (bytes32)
uint256 tokenId,
{
uint256 amount
return keccak256(
) internal {
abi.encodePacked("\x19\x01", DOMAIN_SEPARATOR, hashOrder(order, nonce))
// Retrieve the transfer manager address
);
address transferManager = transferSelectorNFT.checkTransferManagerForToken(collection);

// If no transfer manager found, it returns address(0)
require(transferManager != address(0), "Transfer: No NFT transfer manager available");

// If one is found, transfer the token
ITransferManagerNFT(transferManager).transferNonFungibleToken(collection, from, to, tokenId, amount);
}
}


/**
/**
* @notice Calculate protocol fee for an execution strategy
* @dev Assert an order is valid and return its hash
* @param executionStrategy strategy
* @param order Order to validate
* @param amount amount to transfer
* @param nonce Nonce to validate
* @param sig ECDSA signature
*/
*/
function _calculateProtocolFee(address executionStrategy, uint256 amount) internal view returns (uint256) {
function requireValidOrder(Order memory order, Sig memory sig, uint nonce)
uint256 protocolFee = IExecutionStrategy(executionStrategy).viewProtocolFee();
internal
return (protocolFee * amount) / 10000;
view
returns (bytes32)
{
bytes32 hash = hashToSign(order, nonce);
require(validateOrder(hash, order, sig));
return hash;
}
}


/**
/**
* @notice Verify the validity of the maker order
* @dev Validate order parameters (does *not* check signature validity)
* @param makerOrder maker order
* @param order Order to validate
* @param orderHash computed hash for the order
*/
*/
function _validateOrder(OrderTypes.MakerOrder calldata makerOrder, bytes32 orderHash) internal view {
function validateOrderParameters(Order memory order)
// Verify whether order nonce has expired
internal
require(
view
(!_isUserOrderNonceExecutedOrCancelled[makerOrder.signer][makerOrder.nonce]) &&
returns (bool)
(makerOrder.nonce >= userMinOrderNonce[makerOrder.signer]),
{
"Order: Matching order expired"
/* Order must be targeted at this protocol version (this Exchange contract). */
);
if (order.exchange != address(this)) {


// Verify the signer is not address(0)
require(makerOrder.signer != address(0), "Order: Invalid signer");

// Verify the amount is not 0
require(makerOrder.amount > 0, "Order: Amount cannot be 0");

// Verify the validity of the signature
require(
SignatureChecker.verify(
orderHash,
makerOrder.signer,
makerOrder.v,
makerOrder.r,
makerOrder.s,
DOMAIN_SEPARATOR
),
"Signature: Invalid"
);

// Verify whether the currency is whitelisted
require(currencyManager.isCurrencyWhitelisted(makerOrder.currency), "Currency: Not whitelisted");

// Verify whether strategy can be executed
require(executionManager.isStrategyWhitelisted(makerOrder.strategy), "Strategy: Not whitelisted");
}
}