diff --git a/README.md b/README.md index 35d24c4..018c203 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,7 @@ ## Environments +- [Rinkeby (testnet)](./environments/rinkeby) - [Staging (rinkeby)](./environments/staging) ## Scripts diff --git a/environments/rinkeby/aragon.aragonpm.eth/aragon.aragonpm.eth@1.0.0.tar.gz b/environments/rinkeby/aragon.aragonpm.eth/aragon.aragonpm.eth@1.0.0.tar.gz new file mode 100644 index 0000000..eabb00c Binary files /dev/null and b/environments/rinkeby/aragon.aragonpm.eth/aragon.aragonpm.eth@1.0.0.tar.gz differ diff --git a/environments/rinkeby/contracts/aragon-id/FIFSResolvingRegistrar.sol b/environments/rinkeby/contracts/aragon-id/FIFSResolvingRegistrar.sol new file mode 100644 index 0000000..7435915 --- /dev/null +++ b/environments/rinkeby/contracts/aragon-id/FIFSResolvingRegistrar.sol @@ -0,0 +1,100 @@ +pragma solidity 0.4.24; +// File: @aragon/os/contracts/lib/ens/AbstractENS.sol +interface AbstractENS { + function owner(bytes32 _node) public constant returns (address); + function resolver(bytes32 _node) public constant returns (address); + function ttl(bytes32 _node) public constant returns (uint64); + function setOwner(bytes32 _node, address _owner) public; + function setSubnodeOwner(bytes32 _node, bytes32 label, address _owner) public; + function setResolver(bytes32 _node, address _resolver) public; + function setTTL(bytes32 _node, uint64 _ttl) public; + + // Logged when the owner of a node assigns a new owner to a subnode. + event NewOwner(bytes32 indexed _node, bytes32 indexed _label, address _owner); + + // Logged when the owner of a node transfers ownership to a new account. + event Transfer(bytes32 indexed _node, address _owner); + + // Logged when the resolver for a node changes. + event NewResolver(bytes32 indexed _node, address _resolver); + + // Logged when the TTL of a node changes + event NewTTL(bytes32 indexed _node, uint64 _ttl); +} +// File: contracts/ens/IPublicResolver.sol +interface IPublicResolver { + function supportsInterface(bytes4 interfaceID) constant returns (bool); + function addr(bytes32 node) constant returns (address ret); + function setAddr(bytes32 node, address addr); + function hash(bytes32 node) constant returns (bytes32 ret); + function setHash(bytes32 node, bytes32 hash); +} +// File: contracts/IFIFSResolvingRegistrar.sol +interface IFIFSResolvingRegistrar { + function register(bytes32 _subnode, address _owner) external; + function registerWithResolver(bytes32 _subnode, address _owner, IPublicResolver _resolver) public; +} +// File: contracts/FIFSResolvingRegistrar.sol +/** + * A registrar that allocates subdomains and sets resolvers to the first person to claim them. + * + * Adapted from ENS' FIFSRegistrar: + * https://github.com/ethereum/ens/blob/master/contracts/FIFSRegistrar.sol + */ +contract FIFSResolvingRegistrar is IFIFSResolvingRegistrar { + bytes32 public rootNode; + AbstractENS internal ens; + IPublicResolver internal defaultResolver; + + bytes4 private constant ADDR_INTERFACE_ID = 0x3b3b57de; + + event ClaimSubdomain(bytes32 indexed subnode, address indexed owner, address indexed resolver); + + /** + * Constructor. + * @param _ensAddr The address of the ENS registry. + * @param _defaultResolver The address of the default resolver to use for subdomains. + * @param _node The node that this registrar administers. + */ + constructor(AbstractENS _ensAddr, IPublicResolver _defaultResolver, bytes32 _node) + public + { + ens = _ensAddr; + defaultResolver = _defaultResolver; + rootNode = _node; + } + + /** + * Register a subdomain with the default resolver if it hasn't been claimed yet. + * @param _subnode The hash of the label to register. + * @param _owner The address of the new owner. + */ + function register(bytes32 _subnode, address _owner) external { + registerWithResolver(_subnode, _owner, defaultResolver); + } + + /** + * Register a subdomain if it hasn't been claimed yet. + * @param _subnode The hash of the label to register. + * @param _owner The address of the new owner. + * @param _resolver The address of the resolver. + * If the resolver supports the address interface, the subdomain's address will + * be set to the new owner. + */ + function registerWithResolver(bytes32 _subnode, address _owner, IPublicResolver _resolver) public { + bytes32 node = keccak256(rootNode, _subnode); + address currentOwner = ens.owner(node); + require(currentOwner == address(0)); + + ens.setSubnodeOwner(rootNode, _subnode, address(this)); + ens.setResolver(node, _resolver); + if (_resolver.supportsInterface(ADDR_INTERFACE_ID)) { + _resolver.setAddr(node, _owner); + } + + // Give ownership to the claimer + ens.setOwner(node, _owner); + + emit ClaimSubdomain(_subnode, _owner, address(_resolver)); + } +} \ No newline at end of file diff --git a/environments/rinkeby/contracts/aragonOS/ACL.sol b/environments/rinkeby/contracts/aragonOS/ACL.sol new file mode 100644 index 0000000..6748b1c --- /dev/null +++ b/environments/rinkeby/contracts/aragonOS/ACL.sol @@ -0,0 +1,1203 @@ +pragma solidity 0.4.24; +// File: contracts/common/UnstructuredStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +library UnstructuredStorage { + function getStorageBool(bytes32 position) internal view returns (bool data) { + assembly { data := sload(position) } + } + + function getStorageAddress(bytes32 position) internal view returns (address data) { + assembly { data := sload(position) } + } + + function getStorageBytes32(bytes32 position) internal view returns (bytes32 data) { + assembly { data := sload(position) } + } + + function getStorageUint256(bytes32 position) internal view returns (uint256 data) { + assembly { data := sload(position) } + } + + function setStorageBool(bytes32 position, bool data) internal { + assembly { sstore(position, data) } + } + + function setStorageAddress(bytes32 position, address data) internal { + assembly { sstore(position, data) } + } + + function setStorageBytes32(bytes32 position, bytes32 data) internal { + assembly { sstore(position, data) } + } + + function setStorageUint256(bytes32 position, uint256 data) internal { + assembly { sstore(position, data) } + } +} +// File: contracts/acl/IACL.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IACL { + function initialize(address permissionsCreator) external; + + // TODO: this should be external + // See https://github.com/ethereum/solidity/issues/4832 + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); +} +// File: contracts/common/IVaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IVaultRecoverable { + function transferToVault(address token) external; + + function allowRecoverability(address token) external view returns (bool); + function getRecoveryVault() external view returns (address); +} +// File: contracts/kernel/IKernel.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +// This should be an interface, but interfaces can't inherit yet :( +contract IKernel is IVaultRecoverable { + event SetApp(bytes32 indexed namespace, bytes32 indexed appId, address app); + + function acl() public view returns (IACL); + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); + + function setApp(bytes32 namespace, bytes32 appId, address app) public; + function getApp(bytes32 namespace, bytes32 appId) public view returns (address); +} +// File: contracts/apps/AppStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract AppStorage { + using UnstructuredStorage for bytes32; + + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_POSITION = keccak256("aragonOS.appStorage.kernel"); + bytes32 internal constant APP_ID_POSITION = keccak256("aragonOS.appStorage.appId"); + */ + bytes32 internal constant KERNEL_POSITION = 0x4172f0f7d2289153072b0a6ca36959e0cbe2efc3afe50fc81636caa96338137b; + bytes32 internal constant APP_ID_POSITION = 0xd625496217aa6a3453eecb9c3489dc5a53e6c67b444329ea2b2cbc9ff547639b; + + function kernel() public view returns (IKernel) { + return IKernel(KERNEL_POSITION.getStorageAddress()); + } + + function appId() public view returns (bytes32) { + return APP_ID_POSITION.getStorageBytes32(); + } + + function setKernel(IKernel _kernel) internal { + KERNEL_POSITION.setStorageAddress(address(_kernel)); + } + + function setAppId(bytes32 _appId) internal { + APP_ID_POSITION.setStorageBytes32(_appId); + } +} +// File: contracts/common/Uint256Helpers.sol +library Uint256Helpers { + uint256 private constant MAX_UINT64 = uint64(-1); + + string private constant ERROR_NUMBER_TOO_BIG = "UINT64_NUMBER_TOO_BIG"; + + function toUint64(uint256 a) internal pure returns (uint64) { + require(a <= MAX_UINT64, ERROR_NUMBER_TOO_BIG); + return uint64(a); + } +} +// File: contracts/common/TimeHelpers.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract TimeHelpers { + using Uint256Helpers for uint256; + + /** + * @dev Returns the current block number. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber() internal view returns (uint256) { + return block.number; + } + + /** + * @dev Returns the current block number, converted to uint64. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber64() internal view returns (uint64) { + return getBlockNumber().toUint64(); + } + + /** + * @dev Returns the current timestamp. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp() internal view returns (uint256) { + return block.timestamp; // solium-disable-line security/no-block-members + } + + /** + * @dev Returns the current timestamp, converted to uint64. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp64() internal view returns (uint64) { + return getTimestamp().toUint64(); + } +} +// File: contracts/common/Initializable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract Initializable is TimeHelpers { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.initializable.initializationBlock") + bytes32 internal constant INITIALIZATION_BLOCK_POSITION = 0xebb05b386a8d34882b8711d156f463690983dc47815980fb82aeeff1aa43579e; + + string private constant ERROR_ALREADY_INITIALIZED = "INIT_ALREADY_INITIALIZED"; + string private constant ERROR_NOT_INITIALIZED = "INIT_NOT_INITIALIZED"; + + modifier onlyInit { + require(getInitializationBlock() == 0, ERROR_ALREADY_INITIALIZED); + _; + } + + modifier isInitialized { + require(hasInitialized(), ERROR_NOT_INITIALIZED); + _; + } + + /** + * @return Block number in which the contract was initialized + */ + function getInitializationBlock() public view returns (uint256) { + return INITIALIZATION_BLOCK_POSITION.getStorageUint256(); + } + + /** + * @return Whether the contract has been initialized by the time of the current block + */ + function hasInitialized() public view returns (bool) { + uint256 initializationBlock = getInitializationBlock(); + return initializationBlock != 0 && getBlockNumber() >= initializationBlock; + } + + /** + * @dev Function to be called by top level contract after initialization has finished. + */ + function initialized() internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(getBlockNumber()); + } + + /** + * @dev Function to be called by top level contract after initialization to enable the contract + * at a future block number rather than immediately. + */ + function initializedAt(uint256 _blockNumber) internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(_blockNumber); + } +} +// File: contracts/common/Petrifiable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract Petrifiable is Initializable { + // Use block UINT256_MAX (which should be never) as the initializable date + uint256 internal constant PETRIFIED_BLOCK = uint256(-1); + + function isPetrified() public view returns (bool) { + return getInitializationBlock() == PETRIFIED_BLOCK; + } + + /** + * @dev Function to be called by top level contract to prevent being initialized. + * Useful for freezing base contracts when they're used behind proxies. + */ + function petrify() internal onlyInit { + initializedAt(PETRIFIED_BLOCK); + } +} +// File: contracts/common/Autopetrified.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract Autopetrified is Petrifiable { + constructor() public { + // Immediately petrify base (non-proxy) instances of inherited contracts on deploy. + // This renders them uninitializable (and unusable without a proxy). + petrify(); + } +} +// File: contracts/lib/token/ERC20.sol +// See https://github.com/OpenZeppelin/openzeppelin-solidity/blob/a9f910d34f0ab33a1ae5e714f69f9596a02b4d91/contracts/token/ERC20/ERC20.sol + +pragma solidity ^0.4.24; + + +/** + * @title ERC20 interface + * @dev see https://github.com/ethereum/EIPs/issues/20 + */ +contract ERC20 { + function totalSupply() public view returns (uint256); + + function balanceOf(address _who) public view returns (uint256); + + function allowance(address _owner, address _spender) + public view returns (uint256); + + function transfer(address _to, uint256 _value) public returns (bool); + + function approve(address _spender, uint256 _value) + public returns (bool); + + function transferFrom(address _from, address _to, uint256 _value) + public returns (bool); + + event Transfer( + address indexed from, + address indexed to, + uint256 value + ); + + event Approval( + address indexed owner, + address indexed spender, + uint256 value + ); +} +// File: contracts/common/EtherTokenConstant.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +// aragonOS and aragon-apps rely on address(0) to denote native ETH, in +// contracts where both tokens and ETH are accepted +contract EtherTokenConstant { + address internal constant ETH = address(0); +} +// File: contracts/common/IsContract.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract IsContract { + /* + * NOTE: this should NEVER be used for authentication + * (see pitfalls: https://github.com/fergarrui/ethereum-security/tree/master/contracts/extcodesize). + * + * This is only intended to be used as a sanity check that an address is actually a contract, + * RATHER THAN an address not being a contract. + */ + function isContract(address _target) internal view returns (bool) { + if (_target == address(0)) { + return false; + } + + uint256 size; + assembly { size := extcodesize(_target) } + return size > 0; + } +} +// File: contracts/common/VaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + +contract VaultRecoverable is IVaultRecoverable, EtherTokenConstant, IsContract { + string private constant ERROR_DISALLOWED = "RECOVER_DISALLOWED"; + string private constant ERROR_VAULT_NOT_CONTRACT = "RECOVER_VAULT_NOT_CONTRACT"; + + /** + * @notice Send funds to recovery Vault. This contract should never receive funds, + * but in case it does, this function allows one to recover them. + * @param _token Token balance to be sent to recovery vault. + */ + function transferToVault(address _token) external { + require(allowRecoverability(_token), ERROR_DISALLOWED); + address vault = getRecoveryVault(); + require(isContract(vault), ERROR_VAULT_NOT_CONTRACT); + + if (_token == ETH) { + vault.transfer(address(this).balance); + } else { + uint256 amount = ERC20(_token).balanceOf(this); + ERC20(_token).transfer(vault, amount); + } + } + + /** + * @dev By default deriving from AragonApp makes it recoverable + * @param token Token address that would be recovered + * @return bool whether the app allows the recovery + */ + function allowRecoverability(address token) public view returns (bool) { + return true; + } + + // Cast non-implemented interface to be public so we can use it internally + function getRecoveryVault() public view returns (address); +} +// File: contracts/evmscript/IEVMScriptExecutor.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IEVMScriptExecutor { + function execScript(bytes script, bytes input, address[] blacklist) external returns (bytes); + function executorType() external pure returns (bytes32); +} +// File: contracts/evmscript/IEVMScriptRegistry.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract EVMScriptRegistryConstants { + /* Hardcoded constants to save gas + bytes32 internal constant EVMSCRIPT_REGISTRY_APP_ID = apmNamehash("evmreg"); + */ + bytes32 internal constant EVMSCRIPT_REGISTRY_APP_ID = 0xddbcfd564f642ab5627cf68b9b7d374fb4f8a36e941a75d89c87998cef03bd61; +} + + +interface IEVMScriptRegistry { + function addScriptExecutor(IEVMScriptExecutor executor) external returns (uint id); + function disableScriptExecutor(uint256 executorId) external; + + // TODO: this should be external + // See https://github.com/ethereum/solidity/issues/4832 + function getScriptExecutor(bytes script) public view returns (IEVMScriptExecutor); +} +// File: contracts/kernel/KernelConstants.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract KernelAppIds { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_APP_ID = apmNamehash("kernel"); + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = apmNamehash("acl"); + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = apmNamehash("vault"); + */ + bytes32 internal constant KERNEL_CORE_APP_ID = 0x3b4bf6bf3ad5000ecf0f989d5befde585c6860fea3e574a4fab4c49d1c177d9c; + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = 0xe3262375f45a6e2026b7e7b18c2b807434f2508fe1a2a3dfb493c7df8f4aad6a; + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = 0x7e852e0fcfce6551c13800f1e7476f982525c2b5277ba14b24339c68416336d1; +} + + +contract KernelNamespaceConstants { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_NAMESPACE = keccak256("core"); + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = keccak256("base"); + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = keccak256("app"); + */ + bytes32 internal constant KERNEL_CORE_NAMESPACE = 0xc681a85306374a5ab27f0bbc385296a54bcd314a1948b6cf61c4ea1bc44bb9f8; + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = 0xf1f3eb40f5bc1ad1344716ced8b8a0431d840b5783aea1fd01786bc26f35ac0f; + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = 0xd6f028ca0e8edb4a8c9757ca4fdccab25fa1e0317da1188108f7d2dee14902fb; +} +// File: contracts/evmscript/EVMScriptRunner.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + + +contract EVMScriptRunner is AppStorage, Initializable, EVMScriptRegistryConstants, KernelNamespaceConstants { + string private constant ERROR_EXECUTOR_UNAVAILABLE = "EVMRUN_EXECUTOR_UNAVAILABLE"; + string private constant ERROR_EXECUTION_REVERTED = "EVMRUN_EXECUTION_REVERTED"; + string private constant ERROR_PROTECTED_STATE_MODIFIED = "EVMRUN_PROTECTED_STATE_MODIFIED"; + + event ScriptResult(address indexed executor, bytes script, bytes input, bytes returnData); + + function getEVMScriptExecutor(bytes _script) public view returns (IEVMScriptExecutor) { + return IEVMScriptExecutor(getEVMScriptRegistry().getScriptExecutor(_script)); + } + + function getEVMScriptRegistry() public view returns (IEVMScriptRegistry) { + address registryAddr = kernel().getApp(KERNEL_APP_ADDR_NAMESPACE, EVMSCRIPT_REGISTRY_APP_ID); + return IEVMScriptRegistry(registryAddr); + } + + function runScript(bytes _script, bytes _input, address[] _blacklist) + internal + isInitialized + protectState + returns (bytes) + { + // TODO: Too much data flying around, maybe extracting spec id here is cheaper + IEVMScriptExecutor executor = getEVMScriptExecutor(_script); + require(address(executor) != address(0), ERROR_EXECUTOR_UNAVAILABLE); + + bytes4 sig = executor.execScript.selector; + bytes memory data = abi.encodeWithSelector(sig, _script, _input, _blacklist); + require(address(executor).delegatecall(data), ERROR_EXECUTION_REVERTED); + + bytes memory output = returnedDataDecoded(); + + emit ScriptResult(address(executor), _script, _input, output); + + return output; + } + + /** + * @dev copies and returns last's call data. Needs to ABI decode first + */ + function returnedDataDecoded() internal pure returns (bytes ret) { + assembly { + let size := returndatasize + switch size + case 0 {} + default { + ret := mload(0x40) // free mem ptr get + mstore(0x40, add(ret, add(size, 0x20))) // free mem ptr set + returndatacopy(ret, 0x20, sub(size, 0x20)) // copy return data + } + } + return ret; + } + + modifier protectState { + address preKernel = address(kernel()); + bytes32 preAppId = appId(); + _; // exec + require(address(kernel()) == preKernel, ERROR_PROTECTED_STATE_MODIFIED); + require(appId() == preAppId, ERROR_PROTECTED_STATE_MODIFIED); + } +} +// File: contracts/acl/ACLSyntaxSugar.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ACLSyntaxSugar { + function arr() internal pure returns (uint256[]) {} + + function arr(bytes32 _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(bytes32 _a, bytes32 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(address _a, address _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c); + } + + function arr(address _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c, _d); + } + + function arr(address _a, uint256 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, address _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), _c, _d, _e); + } + + function arr(address _a, address _b, address _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(address _a, address _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(uint256 _a) internal pure returns (uint256[] r) { + r = new uint256[](1); + r[0] = _a; + } + + function arr(uint256 _a, uint256 _b) internal pure returns (uint256[] r) { + r = new uint256[](2); + r[0] = _a; + r[1] = _b; + } + + function arr(uint256 _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + r = new uint256[](3); + r[0] = _a; + r[1] = _b; + r[2] = _c; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + r = new uint256[](4); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + r = new uint256[](5); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + r[4] = _e; + } +} + + +contract ACLHelpers { + function decodeParamOp(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 30)); + } + + function decodeParamId(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 31)); + } + + function decodeParamsList(uint256 _x) internal pure returns (uint32 a, uint32 b, uint32 c) { + a = uint32(_x); + b = uint32(_x >> (8 * 4)); + c = uint32(_x >> (8 * 8)); + } +} +// File: contracts/apps/AragonApp.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + + +// Contracts inheriting from AragonApp are, by default, immediately petrified upon deployment so +// that they can never be initialized. +// Unless overriden, this behaviour enforces those contracts to be usable only behind an AppProxy. +// ACLSyntaxSugar and EVMScriptRunner are not directly used by this contract, but are included so +// that they are automatically usable by subclassing contracts +contract AragonApp is AppStorage, Autopetrified, VaultRecoverable, EVMScriptRunner, ACLSyntaxSugar { + string private constant ERROR_AUTH_FAILED = "APP_AUTH_FAILED"; + + modifier auth(bytes32 _role) { + require(canPerform(msg.sender, _role, new uint256[](0)), ERROR_AUTH_FAILED); + _; + } + + modifier authP(bytes32 _role, uint256[] _params) { + require(canPerform(msg.sender, _role, _params), ERROR_AUTH_FAILED); + _; + } + + /** + * @dev Check whether an action can be performed by a sender for a particular role on this app + * @param _sender Sender of the call + * @param _role Role on this app + * @param _params Permission params for the role + * @return Boolean indicating whether the sender has the permissions to perform the action. + * Always returns false if the app hasn't been initialized yet. + */ + function canPerform(address _sender, bytes32 _role, uint256[] _params) public view returns (bool) { + if (!hasInitialized()) { + return false; + } + + IKernel linkedKernel = kernel(); + if (address(linkedKernel) == address(0)) { + return false; + } + + // Force cast the uint256[] into a bytes array, by overwriting its length + // Note that the bytes array doesn't need to be initialized as we immediately overwrite it + // with _params and a new length, and _params becomes invalid from this point forward + bytes memory how; + uint256 byteLength = _params.length * 32; + assembly { + how := _params + mstore(how, byteLength) + } + return linkedKernel.hasPermission(_sender, address(this), _role, how); + } + + /** + * @dev Get the recovery vault for the app + * @return Recovery vault address for the app + */ + function getRecoveryVault() public view returns (address) { + // Funds recovery via a vault is only available when used with a kernel + return kernel().getRecoveryVault(); // if kernel is not set, it will revert + } +} +// File: contracts/acl/IACLOracle.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IACLOracle { + function canPerform(address who, address where, bytes32 what, uint256[] how) external view returns (bool); +} +// File: contracts/acl/ACL.sol +/* solium-disable function-order */ +// Allow public initialize() to be first +contract ACL is IACL, TimeHelpers, AragonApp, ACLHelpers { + /* Hardcoded constants to save gas + bytes32 public constant CREATE_PERMISSIONS_ROLE = keccak256("CREATE_PERMISSIONS_ROLE"); + */ + bytes32 public constant CREATE_PERMISSIONS_ROLE = 0x0b719b33c83b8e5d300c521cb8b54ae9bd933996a14bef8c2f4e0285d2d2400a; + + enum Op { NONE, EQ, NEQ, GT, LT, GTE, LTE, RET, NOT, AND, OR, XOR, IF_ELSE } // op types + + struct Param { + uint8 id; + uint8 op; + uint240 value; // even though value is an uint240 it can store addresses + // in the case of 32 byte hashes losing 2 bytes precision isn't a huge deal + // op and id take less than 1 byte each so it can be kept in 1 sstore + } + + uint8 internal constant BLOCK_NUMBER_PARAM_ID = 200; + uint8 internal constant TIMESTAMP_PARAM_ID = 201; + // 202 is unused + uint8 internal constant ORACLE_PARAM_ID = 203; + uint8 internal constant LOGIC_OP_PARAM_ID = 204; + uint8 internal constant PARAM_VALUE_PARAM_ID = 205; + // TODO: Add execution times param type? + + /* Hardcoded constant to save gas + bytes32 public constant EMPTY_PARAM_HASH = keccak256(uint256(0)); + */ + bytes32 public constant EMPTY_PARAM_HASH = 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563; + bytes32 public constant NO_PERMISSION = bytes32(0); + address public constant ANY_ENTITY = address(-1); + address public constant BURN_ENTITY = address(1); // address(0) is already used as "no permission manager" + + uint256 internal constant ORACLE_CHECK_GAS = 30000; + + string private constant ERROR_AUTH_INIT_KERNEL = "ACL_AUTH_INIT_KERNEL"; + string private constant ERROR_AUTH_NO_MANAGER = "ACL_AUTH_NO_MANAGER"; + string private constant ERROR_EXISTENT_MANAGER = "ACL_EXISTENT_MANAGER"; + + // Whether someone has a permission + mapping (bytes32 => bytes32) internal permissions; // permissions hash => params hash + mapping (bytes32 => Param[]) internal permissionParams; // params hash => params + + // Who is the manager of a permission + mapping (bytes32 => address) internal permissionManager; + + event SetPermission(address indexed entity, address indexed app, bytes32 indexed role, bool allowed); + event SetPermissionParams(address indexed entity, address indexed app, bytes32 indexed role, bytes32 paramsHash); + event ChangePermissionManager(address indexed app, bytes32 indexed role, address indexed manager); + + modifier onlyPermissionManager(address _app, bytes32 _role) { + require(msg.sender == getPermissionManager(_app, _role), ERROR_AUTH_NO_MANAGER); + _; + } + + modifier noPermissionManager(address _app, bytes32 _role) { + // only allow permission creation (or re-creation) when there is no manager + require(getPermissionManager(_app, _role) == address(0), ERROR_EXISTENT_MANAGER); + _; + } + + /** + * @dev Initialize can only be called once. It saves the block number in which it was initialized. + * @notice Initialize an ACL instance and set `_permissionsCreator` as the entity that can create other permissions + * @param _permissionsCreator Entity that will be given permission over createPermission + */ + function initialize(address _permissionsCreator) public onlyInit { + initialized(); + require(msg.sender == address(kernel()), ERROR_AUTH_INIT_KERNEL); + + _createPermission(_permissionsCreator, this, CREATE_PERMISSIONS_ROLE, _permissionsCreator); + } + + /** + * @dev Creates a permission that wasn't previously set and managed. + * If a created permission is removed it is possible to reset it with createPermission. + * This is the **ONLY** way to create permissions and set managers to permissions that don't + * have a manager. + * In terms of the ACL being initialized, this function implicitly protects all the other + * state-changing external functions, as they all require the sender to be a manager. + * @notice Create a new permission granting `_entity` the ability to perform actions requiring `_role` on `_app`, setting `_manager` as the permission's manager + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app in which the role will be allowed (requires app to depend on kernel for ACL) + * @param _role Identifier for the group of actions in app given access to perform + * @param _manager Address of the entity that will be able to grant and revoke the permission further. + */ + function createPermission(address _entity, address _app, bytes32 _role, address _manager) + external + auth(CREATE_PERMISSIONS_ROLE) + noPermissionManager(_app, _role) + { + _createPermission(_entity, _app, _role, _manager); + } + + /** + * @dev Grants permission if allowed. This requires `msg.sender` to be the permission manager + * @notice Grant `_entity` the ability to perform actions requiring `_role` on `_app` + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app in which the role will be allowed (requires app to depend on kernel for ACL) + * @param _role Identifier for the group of actions in app given access to perform + */ + function grantPermission(address _entity, address _app, bytes32 _role) + external + { + grantPermissionP(_entity, _app, _role, new uint256[](0)); + } + + /** + * @dev Grants a permission with parameters if allowed. This requires `msg.sender` to be the permission manager + * @notice Grant `_entity` the ability to perform actions requiring `_role` on `_app` + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app in which the role will be allowed (requires app to depend on kernel for ACL) + * @param _role Identifier for the group of actions in app given access to perform + * @param _params Permission parameters + */ + function grantPermissionP(address _entity, address _app, bytes32 _role, uint256[] _params) + public + onlyPermissionManager(_app, _role) + { + bytes32 paramsHash = _params.length > 0 ? _saveParams(_params) : EMPTY_PARAM_HASH; + _setPermission(_entity, _app, _role, paramsHash); + } + + /** + * @dev Revokes permission if allowed. This requires `msg.sender` to be the the permission manager + * @notice Revoke from `_entity` the ability to perform actions requiring `_role` on `_app` + * @param _entity Address of the whitelisted entity to revoke access from + * @param _app Address of the app in which the role will be revoked + * @param _role Identifier for the group of actions in app being revoked + */ + function revokePermission(address _entity, address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermission(_entity, _app, _role, NO_PERMISSION); + } + + /** + * @notice Set `_newManager` as the manager of `_role` in `_app` + * @param _newManager Address for the new manager + * @param _app Address of the app in which the permission management is being transferred + * @param _role Identifier for the group of actions being transferred + */ + function setPermissionManager(address _newManager, address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermissionManager(_newManager, _app, _role); + } + + /** + * @notice Remove the manager of `_role` in `_app` + * @param _app Address of the app in which the permission is being unmanaged + * @param _role Identifier for the group of actions being unmanaged + */ + function removePermissionManager(address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermissionManager(address(0), _app, _role); + } + + /** + * @notice Burn non-existent `_role` in `_app`, so no modification can be made to it (grant, revoke, permission manager) + * @param _app Address of the app in which the permission is being burned + * @param _role Identifier for the group of actions being burned + */ + function createBurnedPermission(address _app, bytes32 _role) + external + auth(CREATE_PERMISSIONS_ROLE) + noPermissionManager(_app, _role) + { + _setPermissionManager(BURN_ENTITY, _app, _role); + } + + /** + * @notice Burn `_role` in `_app`, so no modification can be made to it (grant, revoke, permission manager) + * @param _app Address of the app in which the permission is being burned + * @param _role Identifier for the group of actions being burned + */ + function burnPermissionManager(address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermissionManager(BURN_ENTITY, _app, _role); + } + + /** + * @notice Get parameters for permission array length + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app + * @param _role Identifier for a group of actions in app + * @return Length of the array + */ + function getPermissionParamsLength(address _entity, address _app, bytes32 _role) external view returns (uint) { + return permissionParams[permissions[permissionHash(_entity, _app, _role)]].length; + } + + /** + * @notice Get parameter for permission + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app + * @param _role Identifier for a group of actions in app + * @param _index Index of parameter in the array + * @return Parameter (id, op, value) + */ + function getPermissionParam(address _entity, address _app, bytes32 _role, uint _index) + external + view + returns (uint8, uint8, uint240) + { + Param storage param = permissionParams[permissions[permissionHash(_entity, _app, _role)]][_index]; + return (param.id, param.op, param.value); + } + + /** + * @dev Get manager for permission + * @param _app Address of the app + * @param _role Identifier for a group of actions in app + * @return address of the manager for the permission + */ + function getPermissionManager(address _app, bytes32 _role) public view returns (address) { + return permissionManager[roleHash(_app, _role)]; + } + + /** + * @dev Function called by apps to check ACL on kernel or to check permission statu + * @param _who Sender of the original call + * @param _where Address of the app + * @param _where Identifier for a group of actions in app + * @param _how Permission parameters + * @return boolean indicating whether the ACL allows the role or not + */ + function hasPermission(address _who, address _where, bytes32 _what, bytes memory _how) public view returns (bool) { + // Force cast the bytes array into a uint256[], by overwriting its length + // Note that the uint256[] doesn't need to be initialized as we immediately overwrite it + // with _how and a new length, and _how becomes invalid from this point forward + uint256[] memory how; + uint256 intsLength = _how.length / 32; + assembly { + how := _how + mstore(how, intsLength) + } + + return hasPermission(_who, _where, _what, how); + } + + function hasPermission(address _who, address _where, bytes32 _what, uint256[] memory _how) public view returns (bool) { + bytes32 whoParams = permissions[permissionHash(_who, _where, _what)]; + if (whoParams != NO_PERMISSION && evalParams(whoParams, _who, _where, _what, _how)) { + return true; + } + + bytes32 anyParams = permissions[permissionHash(ANY_ENTITY, _where, _what)]; + if (anyParams != NO_PERMISSION && evalParams(anyParams, ANY_ENTITY, _where, _what, _how)) { + return true; + } + + return false; + } + + function hasPermission(address _who, address _where, bytes32 _what) public view returns (bool) { + uint256[] memory empty = new uint256[](0); + return hasPermission(_who, _where, _what, empty); + } + + function evalParams( + bytes32 _paramsHash, + address _who, + address _where, + bytes32 _what, + uint256[] _how + ) public view returns (bool) + { + if (_paramsHash == EMPTY_PARAM_HASH) { + return true; + } + + return _evalParam(_paramsHash, 0, _who, _where, _what, _how); + } + + /** + * @dev Internal createPermission for access inside the kernel (on instantiation) + */ + function _createPermission(address _entity, address _app, bytes32 _role, address _manager) internal { + _setPermission(_entity, _app, _role, EMPTY_PARAM_HASH); + _setPermissionManager(_manager, _app, _role); + } + + /** + * @dev Internal function called to actually save the permission + */ + function _setPermission(address _entity, address _app, bytes32 _role, bytes32 _paramsHash) internal { + permissions[permissionHash(_entity, _app, _role)] = _paramsHash; + bool entityHasPermission = _paramsHash != NO_PERMISSION; + bool permissionHasParams = entityHasPermission && _paramsHash != EMPTY_PARAM_HASH; + + emit SetPermission(_entity, _app, _role, entityHasPermission); + if (permissionHasParams) { + emit SetPermissionParams(_entity, _app, _role, _paramsHash); + } + } + + function _saveParams(uint256[] _encodedParams) internal returns (bytes32) { + bytes32 paramHash = keccak256(abi.encodePacked(_encodedParams)); + Param[] storage params = permissionParams[paramHash]; + + if (params.length == 0) { // params not saved before + for (uint256 i = 0; i < _encodedParams.length; i++) { + uint256 encodedParam = _encodedParams[i]; + Param memory param = Param(decodeParamId(encodedParam), decodeParamOp(encodedParam), uint240(encodedParam)); + params.push(param); + } + } + + return paramHash; + } + + function _evalParam( + bytes32 _paramsHash, + uint32 _paramId, + address _who, + address _where, + bytes32 _what, + uint256[] _how + ) internal view returns (bool) + { + if (_paramId >= permissionParams[_paramsHash].length) { + return false; // out of bounds + } + + Param memory param = permissionParams[_paramsHash][_paramId]; + + if (param.id == LOGIC_OP_PARAM_ID) { + return _evalLogic(param, _paramsHash, _who, _where, _what, _how); + } + + uint256 value; + uint256 comparedTo = uint256(param.value); + + // get value + if (param.id == ORACLE_PARAM_ID) { + value = checkOracle(IACLOracle(param.value), _who, _where, _what, _how) ? 1 : 0; + comparedTo = 1; + } else if (param.id == BLOCK_NUMBER_PARAM_ID) { + value = getBlockNumber(); + } else if (param.id == TIMESTAMP_PARAM_ID) { + value = getTimestamp(); + } else if (param.id == PARAM_VALUE_PARAM_ID) { + value = uint256(param.value); + } else { + if (param.id >= _how.length) { + return false; + } + value = uint256(uint240(_how[param.id])); // force lost precision + } + + if (Op(param.op) == Op.RET) { + return uint256(value) > 0; + } + + return compare(value, Op(param.op), comparedTo); + } + + function _evalLogic(Param _param, bytes32 _paramsHash, address _who, address _where, bytes32 _what, uint256[] _how) + internal + view + returns (bool) + { + if (Op(_param.op) == Op.IF_ELSE) { + uint32 conditionParam; + uint32 successParam; + uint32 failureParam; + + (conditionParam, successParam, failureParam) = decodeParamsList(uint256(_param.value)); + bool result = _evalParam(_paramsHash, conditionParam, _who, _where, _what, _how); + + return _evalParam(_paramsHash, result ? successParam : failureParam, _who, _where, _what, _how); + } + + uint32 param1; + uint32 param2; + + (param1, param2,) = decodeParamsList(uint256(_param.value)); + bool r1 = _evalParam(_paramsHash, param1, _who, _where, _what, _how); + + if (Op(_param.op) == Op.NOT) { + return !r1; + } + + if (r1 && Op(_param.op) == Op.OR) { + return true; + } + + if (!r1 && Op(_param.op) == Op.AND) { + return false; + } + + bool r2 = _evalParam(_paramsHash, param2, _who, _where, _what, _how); + + if (Op(_param.op) == Op.XOR) { + return r1 != r2; + } + + return r2; // both or and and depend on result of r2 after checks + } + + function compare(uint256 _a, Op _op, uint256 _b) internal pure returns (bool) { + if (_op == Op.EQ) return _a == _b; // solium-disable-line lbrace + if (_op == Op.NEQ) return _a != _b; // solium-disable-line lbrace + if (_op == Op.GT) return _a > _b; // solium-disable-line lbrace + if (_op == Op.LT) return _a < _b; // solium-disable-line lbrace + if (_op == Op.GTE) return _a >= _b; // solium-disable-line lbrace + if (_op == Op.LTE) return _a <= _b; // solium-disable-line lbrace + return false; + } + + function checkOracle(IACLOracle _oracleAddr, address _who, address _where, bytes32 _what, uint256[] _how) internal view returns (bool) { + bytes4 sig = _oracleAddr.canPerform.selector; + + // a raw call is required so we can return false if the call reverts, rather than reverting + bytes memory checkCalldata = abi.encodeWithSelector(sig, _who, _where, _what, _how); + uint256 oracleCheckGas = ORACLE_CHECK_GAS; + + bool ok; + assembly { + ok := staticcall(oracleCheckGas, _oracleAddr, add(checkCalldata, 0x20), mload(checkCalldata), 0, 0) + } + + if (!ok) { + return false; + } + + uint256 size; + assembly { size := returndatasize } + if (size != 32) { + return false; + } + + bool result; + assembly { + let ptr := mload(0x40) // get next free memory ptr + returndatacopy(ptr, 0, size) // copy return from above `staticcall` + result := mload(ptr) // read data at ptr and set it to result + mstore(ptr, 0) // set pointer memory to 0 so it still is the next free ptr + } + + return result; + } + + /** + * @dev Internal function that sets management + */ + function _setPermissionManager(address _newManager, address _app, bytes32 _role) internal { + permissionManager[roleHash(_app, _role)] = _newManager; + emit ChangePermissionManager(_app, _role, _newManager); + } + + function roleHash(address _where, bytes32 _what) internal pure returns (bytes32) { + return keccak256(abi.encodePacked("ROLE", _where, _what)); + } + + function permissionHash(address _who, address _where, bytes32 _what) internal pure returns (bytes32) { + return keccak256(abi.encodePacked("PERMISSION", _who, _where, _what)); + } +} \ No newline at end of file diff --git a/environments/rinkeby/contracts/aragonOS/APMRegistry.sol b/environments/rinkeby/contracts/aragonOS/APMRegistry.sol new file mode 100644 index 0000000..7003716 --- /dev/null +++ b/environments/rinkeby/contracts/aragonOS/APMRegistry.sol @@ -0,0 +1,1975 @@ +pragma solidity 0.4.24; +// File: contracts/lib/ens/AbstractENS.sol +interface AbstractENS { + function owner(bytes32 _node) public constant returns (address); + function resolver(bytes32 _node) public constant returns (address); + function ttl(bytes32 _node) public constant returns (uint64); + function setOwner(bytes32 _node, address _owner) public; + function setSubnodeOwner(bytes32 _node, bytes32 label, address _owner) public; + function setResolver(bytes32 _node, address _resolver) public; + function setTTL(bytes32 _node, uint64 _ttl) public; + + // Logged when the owner of a node assigns a new owner to a subnode. + event NewOwner(bytes32 indexed _node, bytes32 indexed _label, address _owner); + + // Logged when the owner of a node transfers ownership to a new account. + event Transfer(bytes32 indexed _node, address _owner); + + // Logged when the resolver for a node changes. + event NewResolver(bytes32 indexed _node, address _resolver); + + // Logged when the TTL of a node changes + event NewTTL(bytes32 indexed _node, uint64 _ttl); +} +// File: contracts/lib/ens/PublicResolver.sol +/** + * A simple resolver anyone can use; only allows the owner of a node to set its + * address. + */ +contract PublicResolver { + bytes4 constant INTERFACE_META_ID = 0x01ffc9a7; + bytes4 constant ADDR_INTERFACE_ID = 0x3b3b57de; + bytes4 constant CONTENT_INTERFACE_ID = 0xd8389dc5; + bytes4 constant NAME_INTERFACE_ID = 0x691f3431; + bytes4 constant ABI_INTERFACE_ID = 0x2203ab56; + bytes4 constant PUBKEY_INTERFACE_ID = 0xc8690233; + bytes4 constant TEXT_INTERFACE_ID = 0x59d1d43c; + + event AddrChanged(bytes32 indexed node, address a); + event ContentChanged(bytes32 indexed node, bytes32 hash); + event NameChanged(bytes32 indexed node, string name); + event ABIChanged(bytes32 indexed node, uint256 indexed contentType); + event PubkeyChanged(bytes32 indexed node, bytes32 x, bytes32 y); + event TextChanged(bytes32 indexed node, string indexed indexedKey, string key); + + struct PublicKey { + bytes32 x; + bytes32 y; + } + + struct Record { + address addr; + bytes32 content; + string name; + PublicKey pubkey; + mapping(string=>string) text; + mapping(uint256=>bytes) abis; + } + + AbstractENS ens; + mapping(bytes32=>Record) records; + + modifier only_owner(bytes32 node) { + if (ens.owner(node) != msg.sender) throw; + _; + } + + /** + * Constructor. + * @param ensAddr The ENS registrar contract. + */ + function PublicResolver(AbstractENS ensAddr) public { + ens = ensAddr; + } + + /** + * Returns true if the resolver implements the interface specified by the provided hash. + * @param interfaceID The ID of the interface to check for. + * @return True if the contract implements the requested interface. + */ + function supportsInterface(bytes4 interfaceID) public pure returns (bool) { + return interfaceID == ADDR_INTERFACE_ID || + interfaceID == CONTENT_INTERFACE_ID || + interfaceID == NAME_INTERFACE_ID || + interfaceID == ABI_INTERFACE_ID || + interfaceID == PUBKEY_INTERFACE_ID || + interfaceID == TEXT_INTERFACE_ID || + interfaceID == INTERFACE_META_ID; + } + + /** + * Returns the address associated with an ENS node. + * @param node The ENS node to query. + * @return The associated address. + */ + function addr(bytes32 node) public constant returns (address ret) { + ret = records[node].addr; + } + + /** + * Sets the address associated with an ENS node. + * May only be called by the owner of that node in the ENS registry. + * @param node The node to update. + * @param addr The address to set. + */ + function setAddr(bytes32 node, address addr) only_owner(node) public { + records[node].addr = addr; + AddrChanged(node, addr); + } + + /** + * Returns the content hash associated with an ENS node. + * Note that this resource type is not standardized, and will likely change + * in future to a resource type based on multihash. + * @param node The ENS node to query. + * @return The associated content hash. + */ + function content(bytes32 node) public constant returns (bytes32 ret) { + ret = records[node].content; + } + + /** + * Sets the content hash associated with an ENS node. + * May only be called by the owner of that node in the ENS registry. + * Note that this resource type is not standardized, and will likely change + * in future to a resource type based on multihash. + * @param node The node to update. + * @param hash The content hash to set + */ + function setContent(bytes32 node, bytes32 hash) only_owner(node) public { + records[node].content = hash; + ContentChanged(node, hash); + } + + /** + * Returns the name associated with an ENS node, for reverse records. + * Defined in EIP181. + * @param node The ENS node to query. + * @return The associated name. + */ + function name(bytes32 node) public constant returns (string ret) { + ret = records[node].name; + } + + /** + * Sets the name associated with an ENS node, for reverse records. + * May only be called by the owner of that node in the ENS registry. + * @param node The node to update. + * @param name The name to set. + */ + function setName(bytes32 node, string name) only_owner(node) public { + records[node].name = name; + NameChanged(node, name); + } + + /** + * Returns the ABI associated with an ENS node. + * Defined in EIP205. + * @param node The ENS node to query + * @param contentTypes A bitwise OR of the ABI formats accepted by the caller. + * @return contentType The content type of the return value + * @return data The ABI data + */ + function ABI(bytes32 node, uint256 contentTypes) public constant returns (uint256 contentType, bytes data) { + var record = records[node]; + for(contentType = 1; contentType <= contentTypes; contentType <<= 1) { + if ((contentType & contentTypes) != 0 && record.abis[contentType].length > 0) { + data = record.abis[contentType]; + return; + } + } + contentType = 0; + } + + /** + * Sets the ABI associated with an ENS node. + * Nodes may have one ABI of each content type. To remove an ABI, set it to + * the empty string. + * @param node The node to update. + * @param contentType The content type of the ABI + * @param data The ABI data. + */ + function setABI(bytes32 node, uint256 contentType, bytes data) only_owner(node) public { + // Content types must be powers of 2 + if (((contentType - 1) & contentType) != 0) throw; + + records[node].abis[contentType] = data; + ABIChanged(node, contentType); + } + + /** + * Returns the SECP256k1 public key associated with an ENS node. + * Defined in EIP 619. + * @param node The ENS node to query + * @return x, y the X and Y coordinates of the curve point for the public key. + */ + function pubkey(bytes32 node) public constant returns (bytes32 x, bytes32 y) { + return (records[node].pubkey.x, records[node].pubkey.y); + } + + /** + * Sets the SECP256k1 public key associated with an ENS node. + * @param node The ENS node to query + * @param x the X coordinate of the curve point for the public key. + * @param y the Y coordinate of the curve point for the public key. + */ + function setPubkey(bytes32 node, bytes32 x, bytes32 y) only_owner(node) public { + records[node].pubkey = PublicKey(x, y); + PubkeyChanged(node, x, y); + } + + /** + * Returns the text data associated with an ENS node and key. + * @param node The ENS node to query. + * @param key The text data key to query. + * @return The associated text data. + */ + function text(bytes32 node, string key) public constant returns (string ret) { + ret = records[node].text[key]; + } + + /** + * Sets the text data associated with an ENS node and key. + * May only be called by the owner of that node in the ENS registry. + * @param node The node to update. + * @param key The key to set. + * @param value The text data value to set. + */ + function setText(bytes32 node, string key, string value) only_owner(node) public { + records[node].text[key] = value; + TextChanged(node, key, key); + } +} +// File: contracts/ens/ENSConstants.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ENSConstants { + /* Hardcoded constants to save gas + bytes32 internal constant ENS_ROOT = bytes32(0); + bytes32 internal constant ETH_TLD_LABEL = keccak256("eth"); + bytes32 internal constant ETH_TLD_NODE = keccak256(abi.encodePacked(ENS_ROOT, ETH_TLD_LABEL)); + bytes32 internal constant PUBLIC_RESOLVER_LABEL = keccak256("resolver"); + bytes32 internal constant PUBLIC_RESOLVER_NODE = keccak256(abi.encodePacked(ETH_TLD_NODE, PUBLIC_RESOLVER_LABEL)); + */ + bytes32 internal constant ENS_ROOT = bytes32(0); + bytes32 internal constant ETH_TLD_LABEL = 0x4f5b812789fc606be1b3b16908db13fc7a9adf7ca72641f84d75b47069d3d7f0; + bytes32 internal constant ETH_TLD_NODE = 0x93cdeb708b7545dc668eb9280176169d1c33cfd8ed6f04690a0bcc88a93fc4ae; + bytes32 internal constant PUBLIC_RESOLVER_LABEL = 0x329539a1d23af1810c48a07fe7fc66a3b34fbc8b37e9b3cdb97bb88ceab7e4bf; + bytes32 internal constant PUBLIC_RESOLVER_NODE = 0xfdd5d5de6dd63db72bbc2d487944ba13bf775b50a80805fe6fcaba9b0fba88f5; +} +// File: contracts/common/UnstructuredStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +library UnstructuredStorage { + function getStorageBool(bytes32 position) internal view returns (bool data) { + assembly { data := sload(position) } + } + + function getStorageAddress(bytes32 position) internal view returns (address data) { + assembly { data := sload(position) } + } + + function getStorageBytes32(bytes32 position) internal view returns (bytes32 data) { + assembly { data := sload(position) } + } + + function getStorageUint256(bytes32 position) internal view returns (uint256 data) { + assembly { data := sload(position) } + } + + function setStorageBool(bytes32 position, bool data) internal { + assembly { sstore(position, data) } + } + + function setStorageAddress(bytes32 position, address data) internal { + assembly { sstore(position, data) } + } + + function setStorageBytes32(bytes32 position, bytes32 data) internal { + assembly { sstore(position, data) } + } + + function setStorageUint256(bytes32 position, uint256 data) internal { + assembly { sstore(position, data) } + } +} +// File: contracts/acl/IACL.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IACL { + function initialize(address permissionsCreator) external; + + // TODO: this should be external + // See https://github.com/ethereum/solidity/issues/4832 + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); +} +// File: contracts/common/IVaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IVaultRecoverable { + function transferToVault(address token) external; + + function allowRecoverability(address token) external view returns (bool); + function getRecoveryVault() external view returns (address); +} +// File: contracts/kernel/IKernel.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +// This should be an interface, but interfaces can't inherit yet :( +contract IKernel is IVaultRecoverable { + event SetApp(bytes32 indexed namespace, bytes32 indexed appId, address app); + + function acl() public view returns (IACL); + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); + + function setApp(bytes32 namespace, bytes32 appId, address app) public; + function getApp(bytes32 namespace, bytes32 appId) public view returns (address); +} +// File: contracts/apps/AppStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract AppStorage { + using UnstructuredStorage for bytes32; + + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_POSITION = keccak256("aragonOS.appStorage.kernel"); + bytes32 internal constant APP_ID_POSITION = keccak256("aragonOS.appStorage.appId"); + */ + bytes32 internal constant KERNEL_POSITION = 0x4172f0f7d2289153072b0a6ca36959e0cbe2efc3afe50fc81636caa96338137b; + bytes32 internal constant APP_ID_POSITION = 0xd625496217aa6a3453eecb9c3489dc5a53e6c67b444329ea2b2cbc9ff547639b; + + function kernel() public view returns (IKernel) { + return IKernel(KERNEL_POSITION.getStorageAddress()); + } + + function appId() public view returns (bytes32) { + return APP_ID_POSITION.getStorageBytes32(); + } + + function setKernel(IKernel _kernel) internal { + KERNEL_POSITION.setStorageAddress(address(_kernel)); + } + + function setAppId(bytes32 _appId) internal { + APP_ID_POSITION.setStorageBytes32(_appId); + } +} +// File: contracts/common/Uint256Helpers.sol +library Uint256Helpers { + uint256 private constant MAX_UINT64 = uint64(-1); + + string private constant ERROR_NUMBER_TOO_BIG = "UINT64_NUMBER_TOO_BIG"; + + function toUint64(uint256 a) internal pure returns (uint64) { + require(a <= MAX_UINT64, ERROR_NUMBER_TOO_BIG); + return uint64(a); + } +} +// File: contracts/common/TimeHelpers.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract TimeHelpers { + using Uint256Helpers for uint256; + + /** + * @dev Returns the current block number. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber() internal view returns (uint256) { + return block.number; + } + + /** + * @dev Returns the current block number, converted to uint64. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber64() internal view returns (uint64) { + return getBlockNumber().toUint64(); + } + + /** + * @dev Returns the current timestamp. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp() internal view returns (uint256) { + return block.timestamp; // solium-disable-line security/no-block-members + } + + /** + * @dev Returns the current timestamp, converted to uint64. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp64() internal view returns (uint64) { + return getTimestamp().toUint64(); + } +} +// File: contracts/common/Initializable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract Initializable is TimeHelpers { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.initializable.initializationBlock") + bytes32 internal constant INITIALIZATION_BLOCK_POSITION = 0xebb05b386a8d34882b8711d156f463690983dc47815980fb82aeeff1aa43579e; + + string private constant ERROR_ALREADY_INITIALIZED = "INIT_ALREADY_INITIALIZED"; + string private constant ERROR_NOT_INITIALIZED = "INIT_NOT_INITIALIZED"; + + modifier onlyInit { + require(getInitializationBlock() == 0, ERROR_ALREADY_INITIALIZED); + _; + } + + modifier isInitialized { + require(hasInitialized(), ERROR_NOT_INITIALIZED); + _; + } + + /** + * @return Block number in which the contract was initialized + */ + function getInitializationBlock() public view returns (uint256) { + return INITIALIZATION_BLOCK_POSITION.getStorageUint256(); + } + + /** + * @return Whether the contract has been initialized by the time of the current block + */ + function hasInitialized() public view returns (bool) { + uint256 initializationBlock = getInitializationBlock(); + return initializationBlock != 0 && getBlockNumber() >= initializationBlock; + } + + /** + * @dev Function to be called by top level contract after initialization has finished. + */ + function initialized() internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(getBlockNumber()); + } + + /** + * @dev Function to be called by top level contract after initialization to enable the contract + * at a future block number rather than immediately. + */ + function initializedAt(uint256 _blockNumber) internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(_blockNumber); + } +} +// File: contracts/common/Petrifiable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract Petrifiable is Initializable { + // Use block UINT256_MAX (which should be never) as the initializable date + uint256 internal constant PETRIFIED_BLOCK = uint256(-1); + + function isPetrified() public view returns (bool) { + return getInitializationBlock() == PETRIFIED_BLOCK; + } + + /** + * @dev Function to be called by top level contract to prevent being initialized. + * Useful for freezing base contracts when they're used behind proxies. + */ + function petrify() internal onlyInit { + initializedAt(PETRIFIED_BLOCK); + } +} +// File: contracts/common/Autopetrified.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract Autopetrified is Petrifiable { + constructor() public { + // Immediately petrify base (non-proxy) instances of inherited contracts on deploy. + // This renders them uninitializable (and unusable without a proxy). + petrify(); + } +} +// File: contracts/lib/token/ERC20.sol +// See https://github.com/OpenZeppelin/openzeppelin-solidity/blob/a9f910d34f0ab33a1ae5e714f69f9596a02b4d91/contracts/token/ERC20/ERC20.sol + +pragma solidity ^0.4.24; + + +/** + * @title ERC20 interface + * @dev see https://github.com/ethereum/EIPs/issues/20 + */ +contract ERC20 { + function totalSupply() public view returns (uint256); + + function balanceOf(address _who) public view returns (uint256); + + function allowance(address _owner, address _spender) + public view returns (uint256); + + function transfer(address _to, uint256 _value) public returns (bool); + + function approve(address _spender, uint256 _value) + public returns (bool); + + function transferFrom(address _from, address _to, uint256 _value) + public returns (bool); + + event Transfer( + address indexed from, + address indexed to, + uint256 value + ); + + event Approval( + address indexed owner, + address indexed spender, + uint256 value + ); +} +// File: contracts/common/EtherTokenConstant.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +// aragonOS and aragon-apps rely on address(0) to denote native ETH, in +// contracts where both tokens and ETH are accepted +contract EtherTokenConstant { + address internal constant ETH = address(0); +} +// File: contracts/common/IsContract.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract IsContract { + /* + * NOTE: this should NEVER be used for authentication + * (see pitfalls: https://github.com/fergarrui/ethereum-security/tree/master/contracts/extcodesize). + * + * This is only intended to be used as a sanity check that an address is actually a contract, + * RATHER THAN an address not being a contract. + */ + function isContract(address _target) internal view returns (bool) { + if (_target == address(0)) { + return false; + } + + uint256 size; + assembly { size := extcodesize(_target) } + return size > 0; + } +} +// File: contracts/common/VaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + +contract VaultRecoverable is IVaultRecoverable, EtherTokenConstant, IsContract { + string private constant ERROR_DISALLOWED = "RECOVER_DISALLOWED"; + string private constant ERROR_VAULT_NOT_CONTRACT = "RECOVER_VAULT_NOT_CONTRACT"; + + /** + * @notice Send funds to recovery Vault. This contract should never receive funds, + * but in case it does, this function allows one to recover them. + * @param _token Token balance to be sent to recovery vault. + */ + function transferToVault(address _token) external { + require(allowRecoverability(_token), ERROR_DISALLOWED); + address vault = getRecoveryVault(); + require(isContract(vault), ERROR_VAULT_NOT_CONTRACT); + + if (_token == ETH) { + vault.transfer(address(this).balance); + } else { + uint256 amount = ERC20(_token).balanceOf(this); + ERC20(_token).transfer(vault, amount); + } + } + + /** + * @dev By default deriving from AragonApp makes it recoverable + * @param token Token address that would be recovered + * @return bool whether the app allows the recovery + */ + function allowRecoverability(address token) public view returns (bool) { + return true; + } + + // Cast non-implemented interface to be public so we can use it internally + function getRecoveryVault() public view returns (address); +} +// File: contracts/evmscript/IEVMScriptExecutor.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IEVMScriptExecutor { + function execScript(bytes script, bytes input, address[] blacklist) external returns (bytes); + function executorType() external pure returns (bytes32); +} +// File: contracts/evmscript/IEVMScriptRegistry.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract EVMScriptRegistryConstants { + /* Hardcoded constants to save gas + bytes32 internal constant EVMSCRIPT_REGISTRY_APP_ID = apmNamehash("evmreg"); + */ + bytes32 internal constant EVMSCRIPT_REGISTRY_APP_ID = 0xddbcfd564f642ab5627cf68b9b7d374fb4f8a36e941a75d89c87998cef03bd61; +} + + +interface IEVMScriptRegistry { + function addScriptExecutor(IEVMScriptExecutor executor) external returns (uint id); + function disableScriptExecutor(uint256 executorId) external; + + // TODO: this should be external + // See https://github.com/ethereum/solidity/issues/4832 + function getScriptExecutor(bytes script) public view returns (IEVMScriptExecutor); +} +// File: contracts/kernel/KernelConstants.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract KernelAppIds { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_APP_ID = apmNamehash("kernel"); + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = apmNamehash("acl"); + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = apmNamehash("vault"); + */ + bytes32 internal constant KERNEL_CORE_APP_ID = 0x3b4bf6bf3ad5000ecf0f989d5befde585c6860fea3e574a4fab4c49d1c177d9c; + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = 0xe3262375f45a6e2026b7e7b18c2b807434f2508fe1a2a3dfb493c7df8f4aad6a; + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = 0x7e852e0fcfce6551c13800f1e7476f982525c2b5277ba14b24339c68416336d1; +} + + +contract KernelNamespaceConstants { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_NAMESPACE = keccak256("core"); + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = keccak256("base"); + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = keccak256("app"); + */ + bytes32 internal constant KERNEL_CORE_NAMESPACE = 0xc681a85306374a5ab27f0bbc385296a54bcd314a1948b6cf61c4ea1bc44bb9f8; + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = 0xf1f3eb40f5bc1ad1344716ced8b8a0431d840b5783aea1fd01786bc26f35ac0f; + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = 0xd6f028ca0e8edb4a8c9757ca4fdccab25fa1e0317da1188108f7d2dee14902fb; +} +// File: contracts/evmscript/EVMScriptRunner.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + + +contract EVMScriptRunner is AppStorage, Initializable, EVMScriptRegistryConstants, KernelNamespaceConstants { + string private constant ERROR_EXECUTOR_UNAVAILABLE = "EVMRUN_EXECUTOR_UNAVAILABLE"; + string private constant ERROR_EXECUTION_REVERTED = "EVMRUN_EXECUTION_REVERTED"; + string private constant ERROR_PROTECTED_STATE_MODIFIED = "EVMRUN_PROTECTED_STATE_MODIFIED"; + + event ScriptResult(address indexed executor, bytes script, bytes input, bytes returnData); + + function getEVMScriptExecutor(bytes _script) public view returns (IEVMScriptExecutor) { + return IEVMScriptExecutor(getEVMScriptRegistry().getScriptExecutor(_script)); + } + + function getEVMScriptRegistry() public view returns (IEVMScriptRegistry) { + address registryAddr = kernel().getApp(KERNEL_APP_ADDR_NAMESPACE, EVMSCRIPT_REGISTRY_APP_ID); + return IEVMScriptRegistry(registryAddr); + } + + function runScript(bytes _script, bytes _input, address[] _blacklist) + internal + isInitialized + protectState + returns (bytes) + { + // TODO: Too much data flying around, maybe extracting spec id here is cheaper + IEVMScriptExecutor executor = getEVMScriptExecutor(_script); + require(address(executor) != address(0), ERROR_EXECUTOR_UNAVAILABLE); + + bytes4 sig = executor.execScript.selector; + bytes memory data = abi.encodeWithSelector(sig, _script, _input, _blacklist); + require(address(executor).delegatecall(data), ERROR_EXECUTION_REVERTED); + + bytes memory output = returnedDataDecoded(); + + emit ScriptResult(address(executor), _script, _input, output); + + return output; + } + + /** + * @dev copies and returns last's call data. Needs to ABI decode first + */ + function returnedDataDecoded() internal pure returns (bytes ret) { + assembly { + let size := returndatasize + switch size + case 0 {} + default { + ret := mload(0x40) // free mem ptr get + mstore(0x40, add(ret, add(size, 0x20))) // free mem ptr set + returndatacopy(ret, 0x20, sub(size, 0x20)) // copy return data + } + } + return ret; + } + + modifier protectState { + address preKernel = address(kernel()); + bytes32 preAppId = appId(); + _; // exec + require(address(kernel()) == preKernel, ERROR_PROTECTED_STATE_MODIFIED); + require(appId() == preAppId, ERROR_PROTECTED_STATE_MODIFIED); + } +} +// File: contracts/acl/ACLSyntaxSugar.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ACLSyntaxSugar { + function arr() internal pure returns (uint256[]) {} + + function arr(bytes32 _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(bytes32 _a, bytes32 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(address _a, address _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c); + } + + function arr(address _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c, _d); + } + + function arr(address _a, uint256 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, address _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), _c, _d, _e); + } + + function arr(address _a, address _b, address _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(address _a, address _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(uint256 _a) internal pure returns (uint256[] r) { + r = new uint256[](1); + r[0] = _a; + } + + function arr(uint256 _a, uint256 _b) internal pure returns (uint256[] r) { + r = new uint256[](2); + r[0] = _a; + r[1] = _b; + } + + function arr(uint256 _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + r = new uint256[](3); + r[0] = _a; + r[1] = _b; + r[2] = _c; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + r = new uint256[](4); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + r = new uint256[](5); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + r[4] = _e; + } +} + + +contract ACLHelpers { + function decodeParamOp(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 30)); + } + + function decodeParamId(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 31)); + } + + function decodeParamsList(uint256 _x) internal pure returns (uint32 a, uint32 b, uint32 c) { + a = uint32(_x); + b = uint32(_x >> (8 * 4)); + c = uint32(_x >> (8 * 8)); + } +} +// File: contracts/apps/AragonApp.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + + +// Contracts inheriting from AragonApp are, by default, immediately petrified upon deployment so +// that they can never be initialized. +// Unless overriden, this behaviour enforces those contracts to be usable only behind an AppProxy. +// ACLSyntaxSugar and EVMScriptRunner are not directly used by this contract, but are included so +// that they are automatically usable by subclassing contracts +contract AragonApp is AppStorage, Autopetrified, VaultRecoverable, EVMScriptRunner, ACLSyntaxSugar { + string private constant ERROR_AUTH_FAILED = "APP_AUTH_FAILED"; + + modifier auth(bytes32 _role) { + require(canPerform(msg.sender, _role, new uint256[](0)), ERROR_AUTH_FAILED); + _; + } + + modifier authP(bytes32 _role, uint256[] _params) { + require(canPerform(msg.sender, _role, _params), ERROR_AUTH_FAILED); + _; + } + + /** + * @dev Check whether an action can be performed by a sender for a particular role on this app + * @param _sender Sender of the call + * @param _role Role on this app + * @param _params Permission params for the role + * @return Boolean indicating whether the sender has the permissions to perform the action. + * Always returns false if the app hasn't been initialized yet. + */ + function canPerform(address _sender, bytes32 _role, uint256[] _params) public view returns (bool) { + if (!hasInitialized()) { + return false; + } + + IKernel linkedKernel = kernel(); + if (address(linkedKernel) == address(0)) { + return false; + } + + // Force cast the uint256[] into a bytes array, by overwriting its length + // Note that the bytes array doesn't need to be initialized as we immediately overwrite it + // with _params and a new length, and _params becomes invalid from this point forward + bytes memory how; + uint256 byteLength = _params.length * 32; + assembly { + how := _params + mstore(how, byteLength) + } + return linkedKernel.hasPermission(_sender, address(this), _role, how); + } + + /** + * @dev Get the recovery vault for the app + * @return Recovery vault address for the app + */ + function getRecoveryVault() public view returns (address) { + // Funds recovery via a vault is only available when used with a kernel + return kernel().getRecoveryVault(); // if kernel is not set, it will revert + } +} +// File: contracts/ens/ENSSubdomainRegistrar.sol +/* solium-disable function-order */ +// Allow public initialize() to be first +contract ENSSubdomainRegistrar is AragonApp, ENSConstants { + /* Hardcoded constants to save gas + bytes32 public constant CREATE_NAME_ROLE = keccak256("CREATE_NAME_ROLE"); + bytes32 public constant DELETE_NAME_ROLE = keccak256("DELETE_NAME_ROLE"); + bytes32 public constant POINT_ROOTNODE_ROLE = keccak256("POINT_ROOTNODE_ROLE"); + */ + bytes32 public constant CREATE_NAME_ROLE = 0xf86bc2abe0919ab91ef714b2bec7c148d94f61fdb069b91a6cfe9ecdee1799ba; + bytes32 public constant DELETE_NAME_ROLE = 0x03d74c8724218ad4a99859bcb2d846d39999449fd18013dd8d69096627e68622; + bytes32 public constant POINT_ROOTNODE_ROLE = 0x9ecd0e7bddb2e241c41b595a436c4ea4fd33c9fa0caa8056acf084fc3aa3bfbe; + + string private constant ERROR_NO_NODE_OWNERSHIP = "ENSSUB_NO_NODE_OWNERSHIP"; + string private constant ERROR_NAME_EXISTS = "ENSSUB_NAME_EXISTS"; + string private constant ERROR_NAME_DOESNT_EXIST = "ENSSUB_DOESNT_EXIST"; + + AbstractENS public ens; + bytes32 public rootNode; + + event NewName(bytes32 indexed node, bytes32 indexed label); + event DeleteName(bytes32 indexed node, bytes32 indexed label); + + function initialize(AbstractENS _ens, bytes32 _rootNode) public onlyInit { + initialized(); + + // We need ownership to create subnodes + require(_ens.owner(_rootNode) == address(this), ERROR_NO_NODE_OWNERSHIP); + + ens = _ens; + rootNode = _rootNode; + } + + function createName(bytes32 _label, address _owner) external auth(CREATE_NAME_ROLE) returns (bytes32 node) { + return _createName(_label, _owner); + } + + function createNameAndPoint(bytes32 _label, address _target) external auth(CREATE_NAME_ROLE) returns (bytes32 node) { + node = _createName(_label, this); + _pointToResolverAndResolve(node, _target); + } + + function deleteName(bytes32 _label) external auth(DELETE_NAME_ROLE) { + bytes32 node = getNodeForLabel(_label); + + address currentOwner = ens.owner(node); + + require(currentOwner != address(0), ERROR_NAME_DOESNT_EXIST); // fail if deleting unset name + + if (currentOwner != address(this)) { // needs to reclaim ownership so it can set resolver + ens.setSubnodeOwner(rootNode, _label, this); + } + + ens.setResolver(node, address(0)); // remove resolver so it ends resolving + ens.setOwner(node, address(0)); + + emit DeleteName(node, _label); + } + + function pointRootNode(address _target) external auth(POINT_ROOTNODE_ROLE) { + _pointToResolverAndResolve(rootNode, _target); + } + + function _createName(bytes32 _label, address _owner) internal returns (bytes32 node) { + node = getNodeForLabel(_label); + require(ens.owner(node) == address(0), ERROR_NAME_EXISTS); // avoid name reset + + ens.setSubnodeOwner(rootNode, _label, _owner); + + emit NewName(node, _label); + + return node; + } + + function _pointToResolverAndResolve(bytes32 _node, address _target) internal { + address publicResolver = getAddr(PUBLIC_RESOLVER_NODE); + ens.setResolver(_node, publicResolver); + + PublicResolver(publicResolver).setAddr(_node, _target); + } + + function getAddr(bytes32 node) internal view returns (address) { + address resolver = ens.resolver(node); + return PublicResolver(resolver).addr(node); + } + + function getNodeForLabel(bytes32 _label) internal view returns (bytes32) { + return keccak256(abi.encodePacked(rootNode, _label)); + } +} +// File: contracts/lib/misc/ERCProxy.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ERCProxy { + uint256 internal constant FORWARDING = 1; + uint256 internal constant UPGRADEABLE = 2; + + function proxyType() public pure returns (uint256 proxyTypeId); + function implementation() public view returns (address codeAddr); +} +// File: contracts/common/DelegateProxy.sol +contract DelegateProxy is ERCProxy, IsContract { + uint256 internal constant FWD_GAS_LIMIT = 10000; + + /** + * @dev Performs a delegatecall and returns whatever the delegatecall returned (entire context execution will return!) + * @param _dst Destination address to perform the delegatecall + * @param _calldata Calldata for the delegatecall + */ + function delegatedFwd(address _dst, bytes _calldata) internal { + require(isContract(_dst)); + uint256 fwdGasLimit = FWD_GAS_LIMIT; + + assembly { + let result := delegatecall(sub(gas, fwdGasLimit), _dst, add(_calldata, 0x20), mload(_calldata), 0, 0) + let size := returndatasize + let ptr := mload(0x40) + returndatacopy(ptr, 0, size) + + // revert instead of invalid() bc if the underlying call failed with invalid() it already wasted gas. + // if the call returned error data, forward it + switch result case 0 { revert(ptr, size) } + default { return(ptr, size) } + } + } +} +// File: contracts/common/DepositableStorage.sol +contract DepositableStorage { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.depositableStorage.depositable") + bytes32 internal constant DEPOSITABLE_POSITION = 0x665fd576fbbe6f247aff98f5c94a561e3f71ec2d3c988d56f12d342396c50cea; + + function isDepositable() public view returns (bool) { + return DEPOSITABLE_POSITION.getStorageBool(); + } + + function setDepositable(bool _depositable) internal { + DEPOSITABLE_POSITION.setStorageBool(_depositable); + } +} +// File: contracts/common/DepositableDelegateProxy.sol +contract DepositableDelegateProxy is DepositableStorage, DelegateProxy { + event ProxyDeposit(address sender, uint256 value); + + function () external payable { + // send / transfer + if (gasleft() < FWD_GAS_LIMIT) { + require(msg.value > 0 && msg.data.length == 0); + require(isDepositable()); + emit ProxyDeposit(msg.sender, msg.value); + } else { // all calls except for send or transfer + address target = implementation(); + delegatedFwd(target, msg.data); + } + } +} +// File: contracts/apps/AppProxyBase.sol +contract AppProxyBase is AppStorage, DepositableDelegateProxy, KernelNamespaceConstants { + /** + * @dev Initialize AppProxy + * @param _kernel Reference to organization kernel for the app + * @param _appId Identifier for app + * @param _initializePayload Payload for call to be made after setup to initialize + */ + constructor(IKernel _kernel, bytes32 _appId, bytes _initializePayload) public { + setKernel(_kernel); + setAppId(_appId); + + // Implicit check that kernel is actually a Kernel + // The EVM doesn't actually provide a way for us to make sure, but we can force a revert to + // occur if the kernel is set to 0x0 or a non-code address when we try to call a method on + // it. + address appCode = getAppBase(_appId); + + // If initialize payload is provided, it will be executed + if (_initializePayload.length > 0) { + require(isContract(appCode)); + // Cannot make delegatecall as a delegateproxy.delegatedFwd as it + // returns ending execution context and halts contract deployment + require(appCode.delegatecall(_initializePayload)); + } + } + + function getAppBase(bytes32 _appId) internal view returns (address) { + return kernel().getApp(KERNEL_APP_BASES_NAMESPACE, _appId); + } +} +// File: contracts/apps/AppProxyUpgradeable.sol +contract AppProxyUpgradeable is AppProxyBase { + /** + * @dev Initialize AppProxyUpgradeable (makes it an upgradeable Aragon app) + * @param _kernel Reference to organization kernel for the app + * @param _appId Identifier for app + * @param _initializePayload Payload for call to be made after setup to initialize + */ + constructor(IKernel _kernel, bytes32 _appId, bytes _initializePayload) + AppProxyBase(_kernel, _appId, _initializePayload) + public // solium-disable-line visibility-first + { + + } + + /** + * @dev ERC897, the address the proxy would delegate calls to + */ + function implementation() public view returns (address) { + return getAppBase(appId()); + } + + /** + * @dev ERC897, whether it is a forwarding (1) or an upgradeable (2) proxy + */ + function proxyType() public pure returns (uint256 proxyTypeId) { + return UPGRADEABLE; + } +} +// File: contracts/apps/AppProxyPinned.sol +contract AppProxyPinned is IsContract, AppProxyBase { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.appStorage.pinnedCode") + bytes32 internal constant PINNED_CODE_POSITION = 0xdee64df20d65e53d7f51cb6ab6d921a0a6a638a91e942e1d8d02df28e31c038e; + + /** + * @dev Initialize AppProxyPinned (makes it an un-upgradeable Aragon app) + * @param _kernel Reference to organization kernel for the app + * @param _appId Identifier for app + * @param _initializePayload Payload for call to be made after setup to initialize + */ + constructor(IKernel _kernel, bytes32 _appId, bytes _initializePayload) + AppProxyBase(_kernel, _appId, _initializePayload) + public // solium-disable-line visibility-first + { + setPinnedCode(getAppBase(_appId)); + require(isContract(pinnedCode())); + } + + /** + * @dev ERC897, the address the proxy would delegate calls to + */ + function implementation() public view returns (address) { + return pinnedCode(); + } + + /** + * @dev ERC897, whether it is a forwarding (1) or an upgradeable (2) proxy + */ + function proxyType() public pure returns (uint256 proxyTypeId) { + return FORWARDING; + } + + function setPinnedCode(address _pinnedCode) internal { + PINNED_CODE_POSITION.setStorageAddress(_pinnedCode); + } + + function pinnedCode() internal view returns (address) { + return PINNED_CODE_POSITION.getStorageAddress(); + } +} +// File: contracts/factory/AppProxyFactory.sol +contract AppProxyFactory { + event NewAppProxy(address proxy, bool isUpgradeable, bytes32 appId); + + function newAppProxy(IKernel _kernel, bytes32 _appId) public returns (AppProxyUpgradeable) { + return newAppProxy(_kernel, _appId, new bytes(0)); + } + + function newAppProxy(IKernel _kernel, bytes32 _appId, bytes _initializePayload) public returns (AppProxyUpgradeable) { + AppProxyUpgradeable proxy = new AppProxyUpgradeable(_kernel, _appId, _initializePayload); + emit NewAppProxy(address(proxy), true, _appId); + return proxy; + } + + function newAppProxyPinned(IKernel _kernel, bytes32 _appId) public returns (AppProxyPinned) { + return newAppProxyPinned(_kernel, _appId, new bytes(0)); + } + + function newAppProxyPinned(IKernel _kernel, bytes32 _appId, bytes _initializePayload) public returns (AppProxyPinned) { + AppProxyPinned proxy = new AppProxyPinned(_kernel, _appId, _initializePayload); + emit NewAppProxy(address(proxy), false, _appId); + return proxy; + } +} +// File: contracts/acl/IACLOracle.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IACLOracle { + function canPerform(address who, address where, bytes32 what, uint256[] how) external view returns (bool); +} +// File: contracts/acl/ACL.sol +/* solium-disable function-order */ +// Allow public initialize() to be first +contract ACL is IACL, TimeHelpers, AragonApp, ACLHelpers { + /* Hardcoded constants to save gas + bytes32 public constant CREATE_PERMISSIONS_ROLE = keccak256("CREATE_PERMISSIONS_ROLE"); + */ + bytes32 public constant CREATE_PERMISSIONS_ROLE = 0x0b719b33c83b8e5d300c521cb8b54ae9bd933996a14bef8c2f4e0285d2d2400a; + + enum Op { NONE, EQ, NEQ, GT, LT, GTE, LTE, RET, NOT, AND, OR, XOR, IF_ELSE } // op types + + struct Param { + uint8 id; + uint8 op; + uint240 value; // even though value is an uint240 it can store addresses + // in the case of 32 byte hashes losing 2 bytes precision isn't a huge deal + // op and id take less than 1 byte each so it can be kept in 1 sstore + } + + uint8 internal constant BLOCK_NUMBER_PARAM_ID = 200; + uint8 internal constant TIMESTAMP_PARAM_ID = 201; + // 202 is unused + uint8 internal constant ORACLE_PARAM_ID = 203; + uint8 internal constant LOGIC_OP_PARAM_ID = 204; + uint8 internal constant PARAM_VALUE_PARAM_ID = 205; + // TODO: Add execution times param type? + + /* Hardcoded constant to save gas + bytes32 public constant EMPTY_PARAM_HASH = keccak256(uint256(0)); + */ + bytes32 public constant EMPTY_PARAM_HASH = 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563; + bytes32 public constant NO_PERMISSION = bytes32(0); + address public constant ANY_ENTITY = address(-1); + address public constant BURN_ENTITY = address(1); // address(0) is already used as "no permission manager" + + uint256 internal constant ORACLE_CHECK_GAS = 30000; + + string private constant ERROR_AUTH_INIT_KERNEL = "ACL_AUTH_INIT_KERNEL"; + string private constant ERROR_AUTH_NO_MANAGER = "ACL_AUTH_NO_MANAGER"; + string private constant ERROR_EXISTENT_MANAGER = "ACL_EXISTENT_MANAGER"; + + // Whether someone has a permission + mapping (bytes32 => bytes32) internal permissions; // permissions hash => params hash + mapping (bytes32 => Param[]) internal permissionParams; // params hash => params + + // Who is the manager of a permission + mapping (bytes32 => address) internal permissionManager; + + event SetPermission(address indexed entity, address indexed app, bytes32 indexed role, bool allowed); + event SetPermissionParams(address indexed entity, address indexed app, bytes32 indexed role, bytes32 paramsHash); + event ChangePermissionManager(address indexed app, bytes32 indexed role, address indexed manager); + + modifier onlyPermissionManager(address _app, bytes32 _role) { + require(msg.sender == getPermissionManager(_app, _role), ERROR_AUTH_NO_MANAGER); + _; + } + + modifier noPermissionManager(address _app, bytes32 _role) { + // only allow permission creation (or re-creation) when there is no manager + require(getPermissionManager(_app, _role) == address(0), ERROR_EXISTENT_MANAGER); + _; + } + + /** + * @dev Initialize can only be called once. It saves the block number in which it was initialized. + * @notice Initialize an ACL instance and set `_permissionsCreator` as the entity that can create other permissions + * @param _permissionsCreator Entity that will be given permission over createPermission + */ + function initialize(address _permissionsCreator) public onlyInit { + initialized(); + require(msg.sender == address(kernel()), ERROR_AUTH_INIT_KERNEL); + + _createPermission(_permissionsCreator, this, CREATE_PERMISSIONS_ROLE, _permissionsCreator); + } + + /** + * @dev Creates a permission that wasn't previously set and managed. + * If a created permission is removed it is possible to reset it with createPermission. + * This is the **ONLY** way to create permissions and set managers to permissions that don't + * have a manager. + * In terms of the ACL being initialized, this function implicitly protects all the other + * state-changing external functions, as they all require the sender to be a manager. + * @notice Create a new permission granting `_entity` the ability to perform actions requiring `_role` on `_app`, setting `_manager` as the permission's manager + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app in which the role will be allowed (requires app to depend on kernel for ACL) + * @param _role Identifier for the group of actions in app given access to perform + * @param _manager Address of the entity that will be able to grant and revoke the permission further. + */ + function createPermission(address _entity, address _app, bytes32 _role, address _manager) + external + auth(CREATE_PERMISSIONS_ROLE) + noPermissionManager(_app, _role) + { + _createPermission(_entity, _app, _role, _manager); + } + + /** + * @dev Grants permission if allowed. This requires `msg.sender` to be the permission manager + * @notice Grant `_entity` the ability to perform actions requiring `_role` on `_app` + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app in which the role will be allowed (requires app to depend on kernel for ACL) + * @param _role Identifier for the group of actions in app given access to perform + */ + function grantPermission(address _entity, address _app, bytes32 _role) + external + { + grantPermissionP(_entity, _app, _role, new uint256[](0)); + } + + /** + * @dev Grants a permission with parameters if allowed. This requires `msg.sender` to be the permission manager + * @notice Grant `_entity` the ability to perform actions requiring `_role` on `_app` + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app in which the role will be allowed (requires app to depend on kernel for ACL) + * @param _role Identifier for the group of actions in app given access to perform + * @param _params Permission parameters + */ + function grantPermissionP(address _entity, address _app, bytes32 _role, uint256[] _params) + public + onlyPermissionManager(_app, _role) + { + bytes32 paramsHash = _params.length > 0 ? _saveParams(_params) : EMPTY_PARAM_HASH; + _setPermission(_entity, _app, _role, paramsHash); + } + + /** + * @dev Revokes permission if allowed. This requires `msg.sender` to be the the permission manager + * @notice Revoke from `_entity` the ability to perform actions requiring `_role` on `_app` + * @param _entity Address of the whitelisted entity to revoke access from + * @param _app Address of the app in which the role will be revoked + * @param _role Identifier for the group of actions in app being revoked + */ + function revokePermission(address _entity, address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermission(_entity, _app, _role, NO_PERMISSION); + } + + /** + * @notice Set `_newManager` as the manager of `_role` in `_app` + * @param _newManager Address for the new manager + * @param _app Address of the app in which the permission management is being transferred + * @param _role Identifier for the group of actions being transferred + */ + function setPermissionManager(address _newManager, address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermissionManager(_newManager, _app, _role); + } + + /** + * @notice Remove the manager of `_role` in `_app` + * @param _app Address of the app in which the permission is being unmanaged + * @param _role Identifier for the group of actions being unmanaged + */ + function removePermissionManager(address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermissionManager(address(0), _app, _role); + } + + /** + * @notice Burn non-existent `_role` in `_app`, so no modification can be made to it (grant, revoke, permission manager) + * @param _app Address of the app in which the permission is being burned + * @param _role Identifier for the group of actions being burned + */ + function createBurnedPermission(address _app, bytes32 _role) + external + auth(CREATE_PERMISSIONS_ROLE) + noPermissionManager(_app, _role) + { + _setPermissionManager(BURN_ENTITY, _app, _role); + } + + /** + * @notice Burn `_role` in `_app`, so no modification can be made to it (grant, revoke, permission manager) + * @param _app Address of the app in which the permission is being burned + * @param _role Identifier for the group of actions being burned + */ + function burnPermissionManager(address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermissionManager(BURN_ENTITY, _app, _role); + } + + /** + * @notice Get parameters for permission array length + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app + * @param _role Identifier for a group of actions in app + * @return Length of the array + */ + function getPermissionParamsLength(address _entity, address _app, bytes32 _role) external view returns (uint) { + return permissionParams[permissions[permissionHash(_entity, _app, _role)]].length; + } + + /** + * @notice Get parameter for permission + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app + * @param _role Identifier for a group of actions in app + * @param _index Index of parameter in the array + * @return Parameter (id, op, value) + */ + function getPermissionParam(address _entity, address _app, bytes32 _role, uint _index) + external + view + returns (uint8, uint8, uint240) + { + Param storage param = permissionParams[permissions[permissionHash(_entity, _app, _role)]][_index]; + return (param.id, param.op, param.value); + } + + /** + * @dev Get manager for permission + * @param _app Address of the app + * @param _role Identifier for a group of actions in app + * @return address of the manager for the permission + */ + function getPermissionManager(address _app, bytes32 _role) public view returns (address) { + return permissionManager[roleHash(_app, _role)]; + } + + /** + * @dev Function called by apps to check ACL on kernel or to check permission statu + * @param _who Sender of the original call + * @param _where Address of the app + * @param _where Identifier for a group of actions in app + * @param _how Permission parameters + * @return boolean indicating whether the ACL allows the role or not + */ + function hasPermission(address _who, address _where, bytes32 _what, bytes memory _how) public view returns (bool) { + // Force cast the bytes array into a uint256[], by overwriting its length + // Note that the uint256[] doesn't need to be initialized as we immediately overwrite it + // with _how and a new length, and _how becomes invalid from this point forward + uint256[] memory how; + uint256 intsLength = _how.length / 32; + assembly { + how := _how + mstore(how, intsLength) + } + + return hasPermission(_who, _where, _what, how); + } + + function hasPermission(address _who, address _where, bytes32 _what, uint256[] memory _how) public view returns (bool) { + bytes32 whoParams = permissions[permissionHash(_who, _where, _what)]; + if (whoParams != NO_PERMISSION && evalParams(whoParams, _who, _where, _what, _how)) { + return true; + } + + bytes32 anyParams = permissions[permissionHash(ANY_ENTITY, _where, _what)]; + if (anyParams != NO_PERMISSION && evalParams(anyParams, ANY_ENTITY, _where, _what, _how)) { + return true; + } + + return false; + } + + function hasPermission(address _who, address _where, bytes32 _what) public view returns (bool) { + uint256[] memory empty = new uint256[](0); + return hasPermission(_who, _where, _what, empty); + } + + function evalParams( + bytes32 _paramsHash, + address _who, + address _where, + bytes32 _what, + uint256[] _how + ) public view returns (bool) + { + if (_paramsHash == EMPTY_PARAM_HASH) { + return true; + } + + return _evalParam(_paramsHash, 0, _who, _where, _what, _how); + } + + /** + * @dev Internal createPermission for access inside the kernel (on instantiation) + */ + function _createPermission(address _entity, address _app, bytes32 _role, address _manager) internal { + _setPermission(_entity, _app, _role, EMPTY_PARAM_HASH); + _setPermissionManager(_manager, _app, _role); + } + + /** + * @dev Internal function called to actually save the permission + */ + function _setPermission(address _entity, address _app, bytes32 _role, bytes32 _paramsHash) internal { + permissions[permissionHash(_entity, _app, _role)] = _paramsHash; + bool entityHasPermission = _paramsHash != NO_PERMISSION; + bool permissionHasParams = entityHasPermission && _paramsHash != EMPTY_PARAM_HASH; + + emit SetPermission(_entity, _app, _role, entityHasPermission); + if (permissionHasParams) { + emit SetPermissionParams(_entity, _app, _role, _paramsHash); + } + } + + function _saveParams(uint256[] _encodedParams) internal returns (bytes32) { + bytes32 paramHash = keccak256(abi.encodePacked(_encodedParams)); + Param[] storage params = permissionParams[paramHash]; + + if (params.length == 0) { // params not saved before + for (uint256 i = 0; i < _encodedParams.length; i++) { + uint256 encodedParam = _encodedParams[i]; + Param memory param = Param(decodeParamId(encodedParam), decodeParamOp(encodedParam), uint240(encodedParam)); + params.push(param); + } + } + + return paramHash; + } + + function _evalParam( + bytes32 _paramsHash, + uint32 _paramId, + address _who, + address _where, + bytes32 _what, + uint256[] _how + ) internal view returns (bool) + { + if (_paramId >= permissionParams[_paramsHash].length) { + return false; // out of bounds + } + + Param memory param = permissionParams[_paramsHash][_paramId]; + + if (param.id == LOGIC_OP_PARAM_ID) { + return _evalLogic(param, _paramsHash, _who, _where, _what, _how); + } + + uint256 value; + uint256 comparedTo = uint256(param.value); + + // get value + if (param.id == ORACLE_PARAM_ID) { + value = checkOracle(IACLOracle(param.value), _who, _where, _what, _how) ? 1 : 0; + comparedTo = 1; + } else if (param.id == BLOCK_NUMBER_PARAM_ID) { + value = getBlockNumber(); + } else if (param.id == TIMESTAMP_PARAM_ID) { + value = getTimestamp(); + } else if (param.id == PARAM_VALUE_PARAM_ID) { + value = uint256(param.value); + } else { + if (param.id >= _how.length) { + return false; + } + value = uint256(uint240(_how[param.id])); // force lost precision + } + + if (Op(param.op) == Op.RET) { + return uint256(value) > 0; + } + + return compare(value, Op(param.op), comparedTo); + } + + function _evalLogic(Param _param, bytes32 _paramsHash, address _who, address _where, bytes32 _what, uint256[] _how) + internal + view + returns (bool) + { + if (Op(_param.op) == Op.IF_ELSE) { + uint32 conditionParam; + uint32 successParam; + uint32 failureParam; + + (conditionParam, successParam, failureParam) = decodeParamsList(uint256(_param.value)); + bool result = _evalParam(_paramsHash, conditionParam, _who, _where, _what, _how); + + return _evalParam(_paramsHash, result ? successParam : failureParam, _who, _where, _what, _how); + } + + uint32 param1; + uint32 param2; + + (param1, param2,) = decodeParamsList(uint256(_param.value)); + bool r1 = _evalParam(_paramsHash, param1, _who, _where, _what, _how); + + if (Op(_param.op) == Op.NOT) { + return !r1; + } + + if (r1 && Op(_param.op) == Op.OR) { + return true; + } + + if (!r1 && Op(_param.op) == Op.AND) { + return false; + } + + bool r2 = _evalParam(_paramsHash, param2, _who, _where, _what, _how); + + if (Op(_param.op) == Op.XOR) { + return r1 != r2; + } + + return r2; // both or and and depend on result of r2 after checks + } + + function compare(uint256 _a, Op _op, uint256 _b) internal pure returns (bool) { + if (_op == Op.EQ) return _a == _b; // solium-disable-line lbrace + if (_op == Op.NEQ) return _a != _b; // solium-disable-line lbrace + if (_op == Op.GT) return _a > _b; // solium-disable-line lbrace + if (_op == Op.LT) return _a < _b; // solium-disable-line lbrace + if (_op == Op.GTE) return _a >= _b; // solium-disable-line lbrace + if (_op == Op.LTE) return _a <= _b; // solium-disable-line lbrace + return false; + } + + function checkOracle(IACLOracle _oracleAddr, address _who, address _where, bytes32 _what, uint256[] _how) internal view returns (bool) { + bytes4 sig = _oracleAddr.canPerform.selector; + + // a raw call is required so we can return false if the call reverts, rather than reverting + bytes memory checkCalldata = abi.encodeWithSelector(sig, _who, _where, _what, _how); + uint256 oracleCheckGas = ORACLE_CHECK_GAS; + + bool ok; + assembly { + ok := staticcall(oracleCheckGas, _oracleAddr, add(checkCalldata, 0x20), mload(checkCalldata), 0, 0) + } + + if (!ok) { + return false; + } + + uint256 size; + assembly { size := returndatasize } + if (size != 32) { + return false; + } + + bool result; + assembly { + let ptr := mload(0x40) // get next free memory ptr + returndatacopy(ptr, 0, size) // copy return from above `staticcall` + result := mload(ptr) // read data at ptr and set it to result + mstore(ptr, 0) // set pointer memory to 0 so it still is the next free ptr + } + + return result; + } + + /** + * @dev Internal function that sets management + */ + function _setPermissionManager(address _newManager, address _app, bytes32 _role) internal { + permissionManager[roleHash(_app, _role)] = _newManager; + emit ChangePermissionManager(_app, _role, _newManager); + } + + function roleHash(address _where, bytes32 _what) internal pure returns (bytes32) { + return keccak256(abi.encodePacked("ROLE", _where, _what)); + } + + function permissionHash(address _who, address _where, bytes32 _what) internal pure returns (bytes32) { + return keccak256(abi.encodePacked("PERMISSION", _who, _where, _what)); + } +} +// File: contracts/apm/Repo.sol +/* solium-disable function-order */ +// Allow public initialize() to be first +contract Repo is AragonApp { + /* Hardcoded constants to save gas + bytes32 public constant CREATE_VERSION_ROLE = keccak256("CREATE_VERSION_ROLE"); + */ + bytes32 public constant CREATE_VERSION_ROLE = 0x1f56cfecd3595a2e6cc1a7e6cb0b20df84cdbd92eff2fee554e70e4e45a9a7d8; + + string private constant ERROR_INVALID_BUMP = "REPO_INVALID_BUMP"; + string private constant ERROR_INVALID_VERSION = "REPO_INVALID_VERSION"; + string private constant ERROR_INEXISTENT_VERSION = "REPO_INEXISTENT_VERSION"; + + struct Version { + uint16[3] semanticVersion; + address contractAddress; + bytes contentURI; + } + + uint256 internal versionsNextIndex; + mapping (uint256 => Version) internal versions; + mapping (bytes32 => uint256) internal versionIdForSemantic; + mapping (address => uint256) internal latestVersionIdForContract; + + event NewVersion(uint256 versionId, uint16[3] semanticVersion); + + /** + * @dev Initialize can only be called once. It saves the block number in which it was initialized. + * @notice Initializes a Repo to be usable + */ + function initialize() public onlyInit { + initialized(); + versionsNextIndex = 1; + } + + /** + * @notice Create new version for repo + * @param _newSemanticVersion Semantic version for new repo version + * @param _contractAddress address for smart contract logic for version (if set to 0, it uses last versions' contractAddress) + * @param _contentURI External URI for fetching new version's content + */ + function newVersion( + uint16[3] _newSemanticVersion, + address _contractAddress, + bytes _contentURI + ) public auth(CREATE_VERSION_ROLE) + { + address contractAddress = _contractAddress; + uint256 lastVersionIndex = versionsNextIndex - 1; + + uint16[3] memory lastSematicVersion; + + if (lastVersionIndex > 0) { + Version storage lastVersion = versions[lastVersionIndex]; + lastSematicVersion = lastVersion.semanticVersion; + + if (contractAddress == address(0)) { + contractAddress = lastVersion.contractAddress; + } + // Only allows smart contract change on major version bumps + require( + lastVersion.contractAddress == contractAddress || _newSemanticVersion[0] > lastVersion.semanticVersion[0], + ERROR_INVALID_VERSION + ); + } + + require(isValidBump(lastSematicVersion, _newSemanticVersion), ERROR_INVALID_BUMP); + + uint256 versionId = versionsNextIndex++; + versions[versionId] = Version(_newSemanticVersion, contractAddress, _contentURI); + versionIdForSemantic[semanticVersionHash(_newSemanticVersion)] = versionId; + latestVersionIdForContract[contractAddress] = versionId; + + emit NewVersion(versionId, _newSemanticVersion); + } + + function getLatest() public view returns (uint16[3] semanticVersion, address contractAddress, bytes contentURI) { + return getByVersionId(versionsNextIndex - 1); + } + + function getLatestForContractAddress(address _contractAddress) + public + view + returns (uint16[3] semanticVersion, address contractAddress, bytes contentURI) + { + return getByVersionId(latestVersionIdForContract[_contractAddress]); + } + + function getBySemanticVersion(uint16[3] _semanticVersion) + public + view + returns (uint16[3] semanticVersion, address contractAddress, bytes contentURI) + { + return getByVersionId(versionIdForSemantic[semanticVersionHash(_semanticVersion)]); + } + + function getByVersionId(uint _versionId) public view returns (uint16[3] semanticVersion, address contractAddress, bytes contentURI) { + require(_versionId > 0 && _versionId < versionsNextIndex, ERROR_INEXISTENT_VERSION); + Version storage version = versions[_versionId]; + return (version.semanticVersion, version.contractAddress, version.contentURI); + } + + function getVersionsCount() public view returns (uint256) { + return versionsNextIndex - 1; + } + + function isValidBump(uint16[3] _oldVersion, uint16[3] _newVersion) public pure returns (bool) { + bool hasBumped; + uint i = 0; + while (i < 3) { + if (hasBumped) { + if (_newVersion[i] != 0) { + return false; + } + } else if (_newVersion[i] != _oldVersion[i]) { + if (_oldVersion[i] > _newVersion[i] || _newVersion[i] - _oldVersion[i] != 1) { + return false; + } + hasBumped = true; + } + i++; + } + return hasBumped; + } + + function semanticVersionHash(uint16[3] version) internal pure returns (bytes32) { + return keccak256(abi.encodePacked(version[0], version[1], version[2])); + } +} +// File: contracts/apm/APMRegistry.sol +contract APMInternalAppNames { + string internal constant APM_APP_NAME = "apm-registry"; + string internal constant REPO_APP_NAME = "apm-repo"; + string internal constant ENS_SUB_APP_NAME = "apm-enssub"; +} + + +contract APMRegistry is AragonApp, AppProxyFactory, APMInternalAppNames { + /* Hardcoded constants to save gas + bytes32 public constant CREATE_REPO_ROLE = keccak256("CREATE_REPO_ROLE"); + */ + bytes32 public constant CREATE_REPO_ROLE = 0x2a9494d64846c9fdbf0158785aa330d8bc9caf45af27fa0e8898eb4d55adcea6; + + string private constant ERROR_INIT_PERMISSIONS = "APMREG_INIT_PERMISSIONS"; + string private constant ERROR_EMPTY_NAME = "APMREG_EMPTY_NAME"; + + AbstractENS public ens; + ENSSubdomainRegistrar public registrar; + + event NewRepo(bytes32 id, string name, address repo); + + /** + * NEEDS CREATE_NAME_ROLE and POINT_ROOTNODE_ROLE permissions on registrar + * @param _registrar ENSSubdomainRegistrar instance that holds registry root node ownership + */ + function initialize(ENSSubdomainRegistrar _registrar) public onlyInit { + initialized(); + + registrar = _registrar; + ens = registrar.ens(); + + registrar.pointRootNode(this); + + // Check APM has all permissions it needss + ACL acl = ACL(kernel().acl()); + require(acl.hasPermission(this, registrar, registrar.CREATE_NAME_ROLE()), ERROR_INIT_PERMISSIONS); + require(acl.hasPermission(this, acl, acl.CREATE_PERMISSIONS_ROLE()), ERROR_INIT_PERMISSIONS); + } + + /** + * @notice Create new repo in registry with `_name` + * @param _name Repo name, must be ununsed + * @param _dev Address that will be given permission to create versions + */ + function newRepo(string _name, address _dev) public auth(CREATE_REPO_ROLE) returns (Repo) { + return _newRepo(_name, _dev); + } + + /** + * @notice Create new repo in registry with `_name` and first repo version + * @param _name Repo name + * @param _dev Address that will be given permission to create versions + * @param _initialSemanticVersion Semantic version for new repo version + * @param _contractAddress address for smart contract logic for version (if set to 0, it uses last versions' contractAddress) + * @param _contentURI External URI for fetching new version's content + */ + function newRepoWithVersion( + string _name, + address _dev, + uint16[3] _initialSemanticVersion, + address _contractAddress, + bytes _contentURI + ) public auth(CREATE_REPO_ROLE) returns (Repo) + { + Repo repo = _newRepo(_name, this); // need to have permissions to create version + repo.newVersion(_initialSemanticVersion, _contractAddress, _contentURI); + + // Give permissions to _dev + ACL acl = ACL(kernel().acl()); + acl.revokePermission(this, repo, repo.CREATE_VERSION_ROLE()); + acl.grantPermission(_dev, repo, repo.CREATE_VERSION_ROLE()); + acl.setPermissionManager(_dev, repo, repo.CREATE_VERSION_ROLE()); + return repo; + } + + function _newRepo(string _name, address _dev) internal returns (Repo) { + require(bytes(_name).length > 0, ERROR_EMPTY_NAME); + + Repo repo = newClonedRepo(); + + ACL(kernel().acl()).createPermission(_dev, repo, repo.CREATE_VERSION_ROLE(), _dev); + + // Creates [name] subdomain in the rootNode and sets registry as resolver + // This will fail if repo name already exists + bytes32 node = registrar.createNameAndPoint(keccak256(abi.encodePacked(_name)), repo); + + emit NewRepo(node, _name, repo); + + return repo; + } + + function newClonedRepo() internal returns (Repo repo) { + repo = Repo(newAppProxy(kernel(), repoAppId())); + repo.initialize(); + } + + function repoAppId() internal view returns (bytes32) { + return keccak256(abi.encodePacked(registrar.rootNode(), keccak256(abi.encodePacked(REPO_APP_NAME)))); + } +} \ No newline at end of file diff --git a/environments/rinkeby/contracts/aragonOS/APMRegistryFactory.sol b/environments/rinkeby/contracts/aragonOS/APMRegistryFactory.sol new file mode 100644 index 0000000..03876be --- /dev/null +++ b/environments/rinkeby/contracts/aragonOS/APMRegistryFactory.sol @@ -0,0 +1,2778 @@ +pragma solidity 0.4.24; +// File: contracts/lib/ens/AbstractENS.sol +interface AbstractENS { + function owner(bytes32 _node) public constant returns (address); + function resolver(bytes32 _node) public constant returns (address); + function ttl(bytes32 _node) public constant returns (uint64); + function setOwner(bytes32 _node, address _owner) public; + function setSubnodeOwner(bytes32 _node, bytes32 label, address _owner) public; + function setResolver(bytes32 _node, address _resolver) public; + function setTTL(bytes32 _node, uint64 _ttl) public; + + // Logged when the owner of a node assigns a new owner to a subnode. + event NewOwner(bytes32 indexed _node, bytes32 indexed _label, address _owner); + + // Logged when the owner of a node transfers ownership to a new account. + event Transfer(bytes32 indexed _node, address _owner); + + // Logged when the resolver for a node changes. + event NewResolver(bytes32 indexed _node, address _resolver); + + // Logged when the TTL of a node changes + event NewTTL(bytes32 indexed _node, uint64 _ttl); +} +// File: contracts/lib/ens/PublicResolver.sol +/** + * A simple resolver anyone can use; only allows the owner of a node to set its + * address. + */ +contract PublicResolver { + bytes4 constant INTERFACE_META_ID = 0x01ffc9a7; + bytes4 constant ADDR_INTERFACE_ID = 0x3b3b57de; + bytes4 constant CONTENT_INTERFACE_ID = 0xd8389dc5; + bytes4 constant NAME_INTERFACE_ID = 0x691f3431; + bytes4 constant ABI_INTERFACE_ID = 0x2203ab56; + bytes4 constant PUBKEY_INTERFACE_ID = 0xc8690233; + bytes4 constant TEXT_INTERFACE_ID = 0x59d1d43c; + + event AddrChanged(bytes32 indexed node, address a); + event ContentChanged(bytes32 indexed node, bytes32 hash); + event NameChanged(bytes32 indexed node, string name); + event ABIChanged(bytes32 indexed node, uint256 indexed contentType); + event PubkeyChanged(bytes32 indexed node, bytes32 x, bytes32 y); + event TextChanged(bytes32 indexed node, string indexed indexedKey, string key); + + struct PublicKey { + bytes32 x; + bytes32 y; + } + + struct Record { + address addr; + bytes32 content; + string name; + PublicKey pubkey; + mapping(string=>string) text; + mapping(uint256=>bytes) abis; + } + + AbstractENS ens; + mapping(bytes32=>Record) records; + + modifier only_owner(bytes32 node) { + if (ens.owner(node) != msg.sender) throw; + _; + } + + /** + * Constructor. + * @param ensAddr The ENS registrar contract. + */ + function PublicResolver(AbstractENS ensAddr) public { + ens = ensAddr; + } + + /** + * Returns true if the resolver implements the interface specified by the provided hash. + * @param interfaceID The ID of the interface to check for. + * @return True if the contract implements the requested interface. + */ + function supportsInterface(bytes4 interfaceID) public pure returns (bool) { + return interfaceID == ADDR_INTERFACE_ID || + interfaceID == CONTENT_INTERFACE_ID || + interfaceID == NAME_INTERFACE_ID || + interfaceID == ABI_INTERFACE_ID || + interfaceID == PUBKEY_INTERFACE_ID || + interfaceID == TEXT_INTERFACE_ID || + interfaceID == INTERFACE_META_ID; + } + + /** + * Returns the address associated with an ENS node. + * @param node The ENS node to query. + * @return The associated address. + */ + function addr(bytes32 node) public constant returns (address ret) { + ret = records[node].addr; + } + + /** + * Sets the address associated with an ENS node. + * May only be called by the owner of that node in the ENS registry. + * @param node The node to update. + * @param addr The address to set. + */ + function setAddr(bytes32 node, address addr) only_owner(node) public { + records[node].addr = addr; + AddrChanged(node, addr); + } + + /** + * Returns the content hash associated with an ENS node. + * Note that this resource type is not standardized, and will likely change + * in future to a resource type based on multihash. + * @param node The ENS node to query. + * @return The associated content hash. + */ + function content(bytes32 node) public constant returns (bytes32 ret) { + ret = records[node].content; + } + + /** + * Sets the content hash associated with an ENS node. + * May only be called by the owner of that node in the ENS registry. + * Note that this resource type is not standardized, and will likely change + * in future to a resource type based on multihash. + * @param node The node to update. + * @param hash The content hash to set + */ + function setContent(bytes32 node, bytes32 hash) only_owner(node) public { + records[node].content = hash; + ContentChanged(node, hash); + } + + /** + * Returns the name associated with an ENS node, for reverse records. + * Defined in EIP181. + * @param node The ENS node to query. + * @return The associated name. + */ + function name(bytes32 node) public constant returns (string ret) { + ret = records[node].name; + } + + /** + * Sets the name associated with an ENS node, for reverse records. + * May only be called by the owner of that node in the ENS registry. + * @param node The node to update. + * @param name The name to set. + */ + function setName(bytes32 node, string name) only_owner(node) public { + records[node].name = name; + NameChanged(node, name); + } + + /** + * Returns the ABI associated with an ENS node. + * Defined in EIP205. + * @param node The ENS node to query + * @param contentTypes A bitwise OR of the ABI formats accepted by the caller. + * @return contentType The content type of the return value + * @return data The ABI data + */ + function ABI(bytes32 node, uint256 contentTypes) public constant returns (uint256 contentType, bytes data) { + var record = records[node]; + for(contentType = 1; contentType <= contentTypes; contentType <<= 1) { + if ((contentType & contentTypes) != 0 && record.abis[contentType].length > 0) { + data = record.abis[contentType]; + return; + } + } + contentType = 0; + } + + /** + * Sets the ABI associated with an ENS node. + * Nodes may have one ABI of each content type. To remove an ABI, set it to + * the empty string. + * @param node The node to update. + * @param contentType The content type of the ABI + * @param data The ABI data. + */ + function setABI(bytes32 node, uint256 contentType, bytes data) only_owner(node) public { + // Content types must be powers of 2 + if (((contentType - 1) & contentType) != 0) throw; + + records[node].abis[contentType] = data; + ABIChanged(node, contentType); + } + + /** + * Returns the SECP256k1 public key associated with an ENS node. + * Defined in EIP 619. + * @param node The ENS node to query + * @return x, y the X and Y coordinates of the curve point for the public key. + */ + function pubkey(bytes32 node) public constant returns (bytes32 x, bytes32 y) { + return (records[node].pubkey.x, records[node].pubkey.y); + } + + /** + * Sets the SECP256k1 public key associated with an ENS node. + * @param node The ENS node to query + * @param x the X coordinate of the curve point for the public key. + * @param y the Y coordinate of the curve point for the public key. + */ + function setPubkey(bytes32 node, bytes32 x, bytes32 y) only_owner(node) public { + records[node].pubkey = PublicKey(x, y); + PubkeyChanged(node, x, y); + } + + /** + * Returns the text data associated with an ENS node and key. + * @param node The ENS node to query. + * @param key The text data key to query. + * @return The associated text data. + */ + function text(bytes32 node, string key) public constant returns (string ret) { + ret = records[node].text[key]; + } + + /** + * Sets the text data associated with an ENS node and key. + * May only be called by the owner of that node in the ENS registry. + * @param node The node to update. + * @param key The key to set. + * @param value The text data value to set. + */ + function setText(bytes32 node, string key, string value) only_owner(node) public { + records[node].text[key] = value; + TextChanged(node, key, key); + } +} +// File: contracts/ens/ENSConstants.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ENSConstants { + /* Hardcoded constants to save gas + bytes32 internal constant ENS_ROOT = bytes32(0); + bytes32 internal constant ETH_TLD_LABEL = keccak256("eth"); + bytes32 internal constant ETH_TLD_NODE = keccak256(abi.encodePacked(ENS_ROOT, ETH_TLD_LABEL)); + bytes32 internal constant PUBLIC_RESOLVER_LABEL = keccak256("resolver"); + bytes32 internal constant PUBLIC_RESOLVER_NODE = keccak256(abi.encodePacked(ETH_TLD_NODE, PUBLIC_RESOLVER_LABEL)); + */ + bytes32 internal constant ENS_ROOT = bytes32(0); + bytes32 internal constant ETH_TLD_LABEL = 0x4f5b812789fc606be1b3b16908db13fc7a9adf7ca72641f84d75b47069d3d7f0; + bytes32 internal constant ETH_TLD_NODE = 0x93cdeb708b7545dc668eb9280176169d1c33cfd8ed6f04690a0bcc88a93fc4ae; + bytes32 internal constant PUBLIC_RESOLVER_LABEL = 0x329539a1d23af1810c48a07fe7fc66a3b34fbc8b37e9b3cdb97bb88ceab7e4bf; + bytes32 internal constant PUBLIC_RESOLVER_NODE = 0xfdd5d5de6dd63db72bbc2d487944ba13bf775b50a80805fe6fcaba9b0fba88f5; +} +// File: contracts/common/UnstructuredStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +library UnstructuredStorage { + function getStorageBool(bytes32 position) internal view returns (bool data) { + assembly { data := sload(position) } + } + + function getStorageAddress(bytes32 position) internal view returns (address data) { + assembly { data := sload(position) } + } + + function getStorageBytes32(bytes32 position) internal view returns (bytes32 data) { + assembly { data := sload(position) } + } + + function getStorageUint256(bytes32 position) internal view returns (uint256 data) { + assembly { data := sload(position) } + } + + function setStorageBool(bytes32 position, bool data) internal { + assembly { sstore(position, data) } + } + + function setStorageAddress(bytes32 position, address data) internal { + assembly { sstore(position, data) } + } + + function setStorageBytes32(bytes32 position, bytes32 data) internal { + assembly { sstore(position, data) } + } + + function setStorageUint256(bytes32 position, uint256 data) internal { + assembly { sstore(position, data) } + } +} +// File: contracts/acl/IACL.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IACL { + function initialize(address permissionsCreator) external; + + // TODO: this should be external + // See https://github.com/ethereum/solidity/issues/4832 + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); +} +// File: contracts/common/IVaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IVaultRecoverable { + function transferToVault(address token) external; + + function allowRecoverability(address token) external view returns (bool); + function getRecoveryVault() external view returns (address); +} +// File: contracts/kernel/IKernel.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +// This should be an interface, but interfaces can't inherit yet :( +contract IKernel is IVaultRecoverable { + event SetApp(bytes32 indexed namespace, bytes32 indexed appId, address app); + + function acl() public view returns (IACL); + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); + + function setApp(bytes32 namespace, bytes32 appId, address app) public; + function getApp(bytes32 namespace, bytes32 appId) public view returns (address); +} +// File: contracts/apps/AppStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract AppStorage { + using UnstructuredStorage for bytes32; + + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_POSITION = keccak256("aragonOS.appStorage.kernel"); + bytes32 internal constant APP_ID_POSITION = keccak256("aragonOS.appStorage.appId"); + */ + bytes32 internal constant KERNEL_POSITION = 0x4172f0f7d2289153072b0a6ca36959e0cbe2efc3afe50fc81636caa96338137b; + bytes32 internal constant APP_ID_POSITION = 0xd625496217aa6a3453eecb9c3489dc5a53e6c67b444329ea2b2cbc9ff547639b; + + function kernel() public view returns (IKernel) { + return IKernel(KERNEL_POSITION.getStorageAddress()); + } + + function appId() public view returns (bytes32) { + return APP_ID_POSITION.getStorageBytes32(); + } + + function setKernel(IKernel _kernel) internal { + KERNEL_POSITION.setStorageAddress(address(_kernel)); + } + + function setAppId(bytes32 _appId) internal { + APP_ID_POSITION.setStorageBytes32(_appId); + } +} +// File: contracts/common/Uint256Helpers.sol +library Uint256Helpers { + uint256 private constant MAX_UINT64 = uint64(-1); + + string private constant ERROR_NUMBER_TOO_BIG = "UINT64_NUMBER_TOO_BIG"; + + function toUint64(uint256 a) internal pure returns (uint64) { + require(a <= MAX_UINT64, ERROR_NUMBER_TOO_BIG); + return uint64(a); + } +} +// File: contracts/common/TimeHelpers.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract TimeHelpers { + using Uint256Helpers for uint256; + + /** + * @dev Returns the current block number. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber() internal view returns (uint256) { + return block.number; + } + + /** + * @dev Returns the current block number, converted to uint64. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber64() internal view returns (uint64) { + return getBlockNumber().toUint64(); + } + + /** + * @dev Returns the current timestamp. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp() internal view returns (uint256) { + return block.timestamp; // solium-disable-line security/no-block-members + } + + /** + * @dev Returns the current timestamp, converted to uint64. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp64() internal view returns (uint64) { + return getTimestamp().toUint64(); + } +} +// File: contracts/common/Initializable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract Initializable is TimeHelpers { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.initializable.initializationBlock") + bytes32 internal constant INITIALIZATION_BLOCK_POSITION = 0xebb05b386a8d34882b8711d156f463690983dc47815980fb82aeeff1aa43579e; + + string private constant ERROR_ALREADY_INITIALIZED = "INIT_ALREADY_INITIALIZED"; + string private constant ERROR_NOT_INITIALIZED = "INIT_NOT_INITIALIZED"; + + modifier onlyInit { + require(getInitializationBlock() == 0, ERROR_ALREADY_INITIALIZED); + _; + } + + modifier isInitialized { + require(hasInitialized(), ERROR_NOT_INITIALIZED); + _; + } + + /** + * @return Block number in which the contract was initialized + */ + function getInitializationBlock() public view returns (uint256) { + return INITIALIZATION_BLOCK_POSITION.getStorageUint256(); + } + + /** + * @return Whether the contract has been initialized by the time of the current block + */ + function hasInitialized() public view returns (bool) { + uint256 initializationBlock = getInitializationBlock(); + return initializationBlock != 0 && getBlockNumber() >= initializationBlock; + } + + /** + * @dev Function to be called by top level contract after initialization has finished. + */ + function initialized() internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(getBlockNumber()); + } + + /** + * @dev Function to be called by top level contract after initialization to enable the contract + * at a future block number rather than immediately. + */ + function initializedAt(uint256 _blockNumber) internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(_blockNumber); + } +} +// File: contracts/common/Petrifiable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract Petrifiable is Initializable { + // Use block UINT256_MAX (which should be never) as the initializable date + uint256 internal constant PETRIFIED_BLOCK = uint256(-1); + + function isPetrified() public view returns (bool) { + return getInitializationBlock() == PETRIFIED_BLOCK; + } + + /** + * @dev Function to be called by top level contract to prevent being initialized. + * Useful for freezing base contracts when they're used behind proxies. + */ + function petrify() internal onlyInit { + initializedAt(PETRIFIED_BLOCK); + } +} +// File: contracts/common/Autopetrified.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract Autopetrified is Petrifiable { + constructor() public { + // Immediately petrify base (non-proxy) instances of inherited contracts on deploy. + // This renders them uninitializable (and unusable without a proxy). + petrify(); + } +} +// File: contracts/lib/token/ERC20.sol +// See https://github.com/OpenZeppelin/openzeppelin-solidity/blob/a9f910d34f0ab33a1ae5e714f69f9596a02b4d91/contracts/token/ERC20/ERC20.sol + +pragma solidity ^0.4.24; + + +/** + * @title ERC20 interface + * @dev see https://github.com/ethereum/EIPs/issues/20 + */ +contract ERC20 { + function totalSupply() public view returns (uint256); + + function balanceOf(address _who) public view returns (uint256); + + function allowance(address _owner, address _spender) + public view returns (uint256); + + function transfer(address _to, uint256 _value) public returns (bool); + + function approve(address _spender, uint256 _value) + public returns (bool); + + function transferFrom(address _from, address _to, uint256 _value) + public returns (bool); + + event Transfer( + address indexed from, + address indexed to, + uint256 value + ); + + event Approval( + address indexed owner, + address indexed spender, + uint256 value + ); +} +// File: contracts/common/EtherTokenConstant.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +// aragonOS and aragon-apps rely on address(0) to denote native ETH, in +// contracts where both tokens and ETH are accepted +contract EtherTokenConstant { + address internal constant ETH = address(0); +} +// File: contracts/common/IsContract.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract IsContract { + /* + * NOTE: this should NEVER be used for authentication + * (see pitfalls: https://github.com/fergarrui/ethereum-security/tree/master/contracts/extcodesize). + * + * This is only intended to be used as a sanity check that an address is actually a contract, + * RATHER THAN an address not being a contract. + */ + function isContract(address _target) internal view returns (bool) { + if (_target == address(0)) { + return false; + } + + uint256 size; + assembly { size := extcodesize(_target) } + return size > 0; + } +} +// File: contracts/common/VaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + +contract VaultRecoverable is IVaultRecoverable, EtherTokenConstant, IsContract { + string private constant ERROR_DISALLOWED = "RECOVER_DISALLOWED"; + string private constant ERROR_VAULT_NOT_CONTRACT = "RECOVER_VAULT_NOT_CONTRACT"; + + /** + * @notice Send funds to recovery Vault. This contract should never receive funds, + * but in case it does, this function allows one to recover them. + * @param _token Token balance to be sent to recovery vault. + */ + function transferToVault(address _token) external { + require(allowRecoverability(_token), ERROR_DISALLOWED); + address vault = getRecoveryVault(); + require(isContract(vault), ERROR_VAULT_NOT_CONTRACT); + + if (_token == ETH) { + vault.transfer(address(this).balance); + } else { + uint256 amount = ERC20(_token).balanceOf(this); + ERC20(_token).transfer(vault, amount); + } + } + + /** + * @dev By default deriving from AragonApp makes it recoverable + * @param token Token address that would be recovered + * @return bool whether the app allows the recovery + */ + function allowRecoverability(address token) public view returns (bool) { + return true; + } + + // Cast non-implemented interface to be public so we can use it internally + function getRecoveryVault() public view returns (address); +} +// File: contracts/evmscript/IEVMScriptExecutor.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IEVMScriptExecutor { + function execScript(bytes script, bytes input, address[] blacklist) external returns (bytes); + function executorType() external pure returns (bytes32); +} +// File: contracts/evmscript/IEVMScriptRegistry.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract EVMScriptRegistryConstants { + /* Hardcoded constants to save gas + bytes32 internal constant EVMSCRIPT_REGISTRY_APP_ID = apmNamehash("evmreg"); + */ + bytes32 internal constant EVMSCRIPT_REGISTRY_APP_ID = 0xddbcfd564f642ab5627cf68b9b7d374fb4f8a36e941a75d89c87998cef03bd61; +} + + +interface IEVMScriptRegistry { + function addScriptExecutor(IEVMScriptExecutor executor) external returns (uint id); + function disableScriptExecutor(uint256 executorId) external; + + // TODO: this should be external + // See https://github.com/ethereum/solidity/issues/4832 + function getScriptExecutor(bytes script) public view returns (IEVMScriptExecutor); +} +// File: contracts/kernel/KernelConstants.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract KernelAppIds { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_APP_ID = apmNamehash("kernel"); + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = apmNamehash("acl"); + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = apmNamehash("vault"); + */ + bytes32 internal constant KERNEL_CORE_APP_ID = 0x3b4bf6bf3ad5000ecf0f989d5befde585c6860fea3e574a4fab4c49d1c177d9c; + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = 0xe3262375f45a6e2026b7e7b18c2b807434f2508fe1a2a3dfb493c7df8f4aad6a; + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = 0x7e852e0fcfce6551c13800f1e7476f982525c2b5277ba14b24339c68416336d1; +} + + +contract KernelNamespaceConstants { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_NAMESPACE = keccak256("core"); + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = keccak256("base"); + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = keccak256("app"); + */ + bytes32 internal constant KERNEL_CORE_NAMESPACE = 0xc681a85306374a5ab27f0bbc385296a54bcd314a1948b6cf61c4ea1bc44bb9f8; + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = 0xf1f3eb40f5bc1ad1344716ced8b8a0431d840b5783aea1fd01786bc26f35ac0f; + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = 0xd6f028ca0e8edb4a8c9757ca4fdccab25fa1e0317da1188108f7d2dee14902fb; +} +// File: contracts/evmscript/EVMScriptRunner.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + + +contract EVMScriptRunner is AppStorage, Initializable, EVMScriptRegistryConstants, KernelNamespaceConstants { + string private constant ERROR_EXECUTOR_UNAVAILABLE = "EVMRUN_EXECUTOR_UNAVAILABLE"; + string private constant ERROR_EXECUTION_REVERTED = "EVMRUN_EXECUTION_REVERTED"; + string private constant ERROR_PROTECTED_STATE_MODIFIED = "EVMRUN_PROTECTED_STATE_MODIFIED"; + + event ScriptResult(address indexed executor, bytes script, bytes input, bytes returnData); + + function getEVMScriptExecutor(bytes _script) public view returns (IEVMScriptExecutor) { + return IEVMScriptExecutor(getEVMScriptRegistry().getScriptExecutor(_script)); + } + + function getEVMScriptRegistry() public view returns (IEVMScriptRegistry) { + address registryAddr = kernel().getApp(KERNEL_APP_ADDR_NAMESPACE, EVMSCRIPT_REGISTRY_APP_ID); + return IEVMScriptRegistry(registryAddr); + } + + function runScript(bytes _script, bytes _input, address[] _blacklist) + internal + isInitialized + protectState + returns (bytes) + { + // TODO: Too much data flying around, maybe extracting spec id here is cheaper + IEVMScriptExecutor executor = getEVMScriptExecutor(_script); + require(address(executor) != address(0), ERROR_EXECUTOR_UNAVAILABLE); + + bytes4 sig = executor.execScript.selector; + bytes memory data = abi.encodeWithSelector(sig, _script, _input, _blacklist); + require(address(executor).delegatecall(data), ERROR_EXECUTION_REVERTED); + + bytes memory output = returnedDataDecoded(); + + emit ScriptResult(address(executor), _script, _input, output); + + return output; + } + + /** + * @dev copies and returns last's call data. Needs to ABI decode first + */ + function returnedDataDecoded() internal pure returns (bytes ret) { + assembly { + let size := returndatasize + switch size + case 0 {} + default { + ret := mload(0x40) // free mem ptr get + mstore(0x40, add(ret, add(size, 0x20))) // free mem ptr set + returndatacopy(ret, 0x20, sub(size, 0x20)) // copy return data + } + } + return ret; + } + + modifier protectState { + address preKernel = address(kernel()); + bytes32 preAppId = appId(); + _; // exec + require(address(kernel()) == preKernel, ERROR_PROTECTED_STATE_MODIFIED); + require(appId() == preAppId, ERROR_PROTECTED_STATE_MODIFIED); + } +} +// File: contracts/acl/ACLSyntaxSugar.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ACLSyntaxSugar { + function arr() internal pure returns (uint256[]) {} + + function arr(bytes32 _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(bytes32 _a, bytes32 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(address _a, address _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c); + } + + function arr(address _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c, _d); + } + + function arr(address _a, uint256 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, address _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), _c, _d, _e); + } + + function arr(address _a, address _b, address _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(address _a, address _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(uint256 _a) internal pure returns (uint256[] r) { + r = new uint256[](1); + r[0] = _a; + } + + function arr(uint256 _a, uint256 _b) internal pure returns (uint256[] r) { + r = new uint256[](2); + r[0] = _a; + r[1] = _b; + } + + function arr(uint256 _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + r = new uint256[](3); + r[0] = _a; + r[1] = _b; + r[2] = _c; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + r = new uint256[](4); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + r = new uint256[](5); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + r[4] = _e; + } +} + + +contract ACLHelpers { + function decodeParamOp(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 30)); + } + + function decodeParamId(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 31)); + } + + function decodeParamsList(uint256 _x) internal pure returns (uint32 a, uint32 b, uint32 c) { + a = uint32(_x); + b = uint32(_x >> (8 * 4)); + c = uint32(_x >> (8 * 8)); + } +} +// File: contracts/apps/AragonApp.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + + +// Contracts inheriting from AragonApp are, by default, immediately petrified upon deployment so +// that they can never be initialized. +// Unless overriden, this behaviour enforces those contracts to be usable only behind an AppProxy. +// ACLSyntaxSugar and EVMScriptRunner are not directly used by this contract, but are included so +// that they are automatically usable by subclassing contracts +contract AragonApp is AppStorage, Autopetrified, VaultRecoverable, EVMScriptRunner, ACLSyntaxSugar { + string private constant ERROR_AUTH_FAILED = "APP_AUTH_FAILED"; + + modifier auth(bytes32 _role) { + require(canPerform(msg.sender, _role, new uint256[](0)), ERROR_AUTH_FAILED); + _; + } + + modifier authP(bytes32 _role, uint256[] _params) { + require(canPerform(msg.sender, _role, _params), ERROR_AUTH_FAILED); + _; + } + + /** + * @dev Check whether an action can be performed by a sender for a particular role on this app + * @param _sender Sender of the call + * @param _role Role on this app + * @param _params Permission params for the role + * @return Boolean indicating whether the sender has the permissions to perform the action. + * Always returns false if the app hasn't been initialized yet. + */ + function canPerform(address _sender, bytes32 _role, uint256[] _params) public view returns (bool) { + if (!hasInitialized()) { + return false; + } + + IKernel linkedKernel = kernel(); + if (address(linkedKernel) == address(0)) { + return false; + } + + // Force cast the uint256[] into a bytes array, by overwriting its length + // Note that the bytes array doesn't need to be initialized as we immediately overwrite it + // with _params and a new length, and _params becomes invalid from this point forward + bytes memory how; + uint256 byteLength = _params.length * 32; + assembly { + how := _params + mstore(how, byteLength) + } + return linkedKernel.hasPermission(_sender, address(this), _role, how); + } + + /** + * @dev Get the recovery vault for the app + * @return Recovery vault address for the app + */ + function getRecoveryVault() public view returns (address) { + // Funds recovery via a vault is only available when used with a kernel + return kernel().getRecoveryVault(); // if kernel is not set, it will revert + } +} +// File: contracts/ens/ENSSubdomainRegistrar.sol +/* solium-disable function-order */ +// Allow public initialize() to be first +contract ENSSubdomainRegistrar is AragonApp, ENSConstants { + /* Hardcoded constants to save gas + bytes32 public constant CREATE_NAME_ROLE = keccak256("CREATE_NAME_ROLE"); + bytes32 public constant DELETE_NAME_ROLE = keccak256("DELETE_NAME_ROLE"); + bytes32 public constant POINT_ROOTNODE_ROLE = keccak256("POINT_ROOTNODE_ROLE"); + */ + bytes32 public constant CREATE_NAME_ROLE = 0xf86bc2abe0919ab91ef714b2bec7c148d94f61fdb069b91a6cfe9ecdee1799ba; + bytes32 public constant DELETE_NAME_ROLE = 0x03d74c8724218ad4a99859bcb2d846d39999449fd18013dd8d69096627e68622; + bytes32 public constant POINT_ROOTNODE_ROLE = 0x9ecd0e7bddb2e241c41b595a436c4ea4fd33c9fa0caa8056acf084fc3aa3bfbe; + + string private constant ERROR_NO_NODE_OWNERSHIP = "ENSSUB_NO_NODE_OWNERSHIP"; + string private constant ERROR_NAME_EXISTS = "ENSSUB_NAME_EXISTS"; + string private constant ERROR_NAME_DOESNT_EXIST = "ENSSUB_DOESNT_EXIST"; + + AbstractENS public ens; + bytes32 public rootNode; + + event NewName(bytes32 indexed node, bytes32 indexed label); + event DeleteName(bytes32 indexed node, bytes32 indexed label); + + function initialize(AbstractENS _ens, bytes32 _rootNode) public onlyInit { + initialized(); + + // We need ownership to create subnodes + require(_ens.owner(_rootNode) == address(this), ERROR_NO_NODE_OWNERSHIP); + + ens = _ens; + rootNode = _rootNode; + } + + function createName(bytes32 _label, address _owner) external auth(CREATE_NAME_ROLE) returns (bytes32 node) { + return _createName(_label, _owner); + } + + function createNameAndPoint(bytes32 _label, address _target) external auth(CREATE_NAME_ROLE) returns (bytes32 node) { + node = _createName(_label, this); + _pointToResolverAndResolve(node, _target); + } + + function deleteName(bytes32 _label) external auth(DELETE_NAME_ROLE) { + bytes32 node = getNodeForLabel(_label); + + address currentOwner = ens.owner(node); + + require(currentOwner != address(0), ERROR_NAME_DOESNT_EXIST); // fail if deleting unset name + + if (currentOwner != address(this)) { // needs to reclaim ownership so it can set resolver + ens.setSubnodeOwner(rootNode, _label, this); + } + + ens.setResolver(node, address(0)); // remove resolver so it ends resolving + ens.setOwner(node, address(0)); + + emit DeleteName(node, _label); + } + + function pointRootNode(address _target) external auth(POINT_ROOTNODE_ROLE) { + _pointToResolverAndResolve(rootNode, _target); + } + + function _createName(bytes32 _label, address _owner) internal returns (bytes32 node) { + node = getNodeForLabel(_label); + require(ens.owner(node) == address(0), ERROR_NAME_EXISTS); // avoid name reset + + ens.setSubnodeOwner(rootNode, _label, _owner); + + emit NewName(node, _label); + + return node; + } + + function _pointToResolverAndResolve(bytes32 _node, address _target) internal { + address publicResolver = getAddr(PUBLIC_RESOLVER_NODE); + ens.setResolver(_node, publicResolver); + + PublicResolver(publicResolver).setAddr(_node, _target); + } + + function getAddr(bytes32 node) internal view returns (address) { + address resolver = ens.resolver(node); + return PublicResolver(resolver).addr(node); + } + + function getNodeForLabel(bytes32 _label) internal view returns (bytes32) { + return keccak256(abi.encodePacked(rootNode, _label)); + } +} +// File: contracts/lib/misc/ERCProxy.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ERCProxy { + uint256 internal constant FORWARDING = 1; + uint256 internal constant UPGRADEABLE = 2; + + function proxyType() public pure returns (uint256 proxyTypeId); + function implementation() public view returns (address codeAddr); +} +// File: contracts/common/DelegateProxy.sol +contract DelegateProxy is ERCProxy, IsContract { + uint256 internal constant FWD_GAS_LIMIT = 10000; + + /** + * @dev Performs a delegatecall and returns whatever the delegatecall returned (entire context execution will return!) + * @param _dst Destination address to perform the delegatecall + * @param _calldata Calldata for the delegatecall + */ + function delegatedFwd(address _dst, bytes _calldata) internal { + require(isContract(_dst)); + uint256 fwdGasLimit = FWD_GAS_LIMIT; + + assembly { + let result := delegatecall(sub(gas, fwdGasLimit), _dst, add(_calldata, 0x20), mload(_calldata), 0, 0) + let size := returndatasize + let ptr := mload(0x40) + returndatacopy(ptr, 0, size) + + // revert instead of invalid() bc if the underlying call failed with invalid() it already wasted gas. + // if the call returned error data, forward it + switch result case 0 { revert(ptr, size) } + default { return(ptr, size) } + } + } +} +// File: contracts/common/DepositableStorage.sol +contract DepositableStorage { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.depositableStorage.depositable") + bytes32 internal constant DEPOSITABLE_POSITION = 0x665fd576fbbe6f247aff98f5c94a561e3f71ec2d3c988d56f12d342396c50cea; + + function isDepositable() public view returns (bool) { + return DEPOSITABLE_POSITION.getStorageBool(); + } + + function setDepositable(bool _depositable) internal { + DEPOSITABLE_POSITION.setStorageBool(_depositable); + } +} +// File: contracts/common/DepositableDelegateProxy.sol +contract DepositableDelegateProxy is DepositableStorage, DelegateProxy { + event ProxyDeposit(address sender, uint256 value); + + function () external payable { + // send / transfer + if (gasleft() < FWD_GAS_LIMIT) { + require(msg.value > 0 && msg.data.length == 0); + require(isDepositable()); + emit ProxyDeposit(msg.sender, msg.value); + } else { // all calls except for send or transfer + address target = implementation(); + delegatedFwd(target, msg.data); + } + } +} +// File: contracts/apps/AppProxyBase.sol +contract AppProxyBase is AppStorage, DepositableDelegateProxy, KernelNamespaceConstants { + /** + * @dev Initialize AppProxy + * @param _kernel Reference to organization kernel for the app + * @param _appId Identifier for app + * @param _initializePayload Payload for call to be made after setup to initialize + */ + constructor(IKernel _kernel, bytes32 _appId, bytes _initializePayload) public { + setKernel(_kernel); + setAppId(_appId); + + // Implicit check that kernel is actually a Kernel + // The EVM doesn't actually provide a way for us to make sure, but we can force a revert to + // occur if the kernel is set to 0x0 or a non-code address when we try to call a method on + // it. + address appCode = getAppBase(_appId); + + // If initialize payload is provided, it will be executed + if (_initializePayload.length > 0) { + require(isContract(appCode)); + // Cannot make delegatecall as a delegateproxy.delegatedFwd as it + // returns ending execution context and halts contract deployment + require(appCode.delegatecall(_initializePayload)); + } + } + + function getAppBase(bytes32 _appId) internal view returns (address) { + return kernel().getApp(KERNEL_APP_BASES_NAMESPACE, _appId); + } +} +// File: contracts/apps/AppProxyUpgradeable.sol +contract AppProxyUpgradeable is AppProxyBase { + /** + * @dev Initialize AppProxyUpgradeable (makes it an upgradeable Aragon app) + * @param _kernel Reference to organization kernel for the app + * @param _appId Identifier for app + * @param _initializePayload Payload for call to be made after setup to initialize + */ + constructor(IKernel _kernel, bytes32 _appId, bytes _initializePayload) + AppProxyBase(_kernel, _appId, _initializePayload) + public // solium-disable-line visibility-first + { + + } + + /** + * @dev ERC897, the address the proxy would delegate calls to + */ + function implementation() public view returns (address) { + return getAppBase(appId()); + } + + /** + * @dev ERC897, whether it is a forwarding (1) or an upgradeable (2) proxy + */ + function proxyType() public pure returns (uint256 proxyTypeId) { + return UPGRADEABLE; + } +} +// File: contracts/apps/AppProxyPinned.sol +contract AppProxyPinned is IsContract, AppProxyBase { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.appStorage.pinnedCode") + bytes32 internal constant PINNED_CODE_POSITION = 0xdee64df20d65e53d7f51cb6ab6d921a0a6a638a91e942e1d8d02df28e31c038e; + + /** + * @dev Initialize AppProxyPinned (makes it an un-upgradeable Aragon app) + * @param _kernel Reference to organization kernel for the app + * @param _appId Identifier for app + * @param _initializePayload Payload for call to be made after setup to initialize + */ + constructor(IKernel _kernel, bytes32 _appId, bytes _initializePayload) + AppProxyBase(_kernel, _appId, _initializePayload) + public // solium-disable-line visibility-first + { + setPinnedCode(getAppBase(_appId)); + require(isContract(pinnedCode())); + } + + /** + * @dev ERC897, the address the proxy would delegate calls to + */ + function implementation() public view returns (address) { + return pinnedCode(); + } + + /** + * @dev ERC897, whether it is a forwarding (1) or an upgradeable (2) proxy + */ + function proxyType() public pure returns (uint256 proxyTypeId) { + return FORWARDING; + } + + function setPinnedCode(address _pinnedCode) internal { + PINNED_CODE_POSITION.setStorageAddress(_pinnedCode); + } + + function pinnedCode() internal view returns (address) { + return PINNED_CODE_POSITION.getStorageAddress(); + } +} +// File: contracts/factory/AppProxyFactory.sol +contract AppProxyFactory { + event NewAppProxy(address proxy, bool isUpgradeable, bytes32 appId); + + function newAppProxy(IKernel _kernel, bytes32 _appId) public returns (AppProxyUpgradeable) { + return newAppProxy(_kernel, _appId, new bytes(0)); + } + + function newAppProxy(IKernel _kernel, bytes32 _appId, bytes _initializePayload) public returns (AppProxyUpgradeable) { + AppProxyUpgradeable proxy = new AppProxyUpgradeable(_kernel, _appId, _initializePayload); + emit NewAppProxy(address(proxy), true, _appId); + return proxy; + } + + function newAppProxyPinned(IKernel _kernel, bytes32 _appId) public returns (AppProxyPinned) { + return newAppProxyPinned(_kernel, _appId, new bytes(0)); + } + + function newAppProxyPinned(IKernel _kernel, bytes32 _appId, bytes _initializePayload) public returns (AppProxyPinned) { + AppProxyPinned proxy = new AppProxyPinned(_kernel, _appId, _initializePayload); + emit NewAppProxy(address(proxy), false, _appId); + return proxy; + } +} +// File: contracts/acl/IACLOracle.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IACLOracle { + function canPerform(address who, address where, bytes32 what, uint256[] how) external view returns (bool); +} +// File: contracts/acl/ACL.sol +/* solium-disable function-order */ +// Allow public initialize() to be first +contract ACL is IACL, TimeHelpers, AragonApp, ACLHelpers { + /* Hardcoded constants to save gas + bytes32 public constant CREATE_PERMISSIONS_ROLE = keccak256("CREATE_PERMISSIONS_ROLE"); + */ + bytes32 public constant CREATE_PERMISSIONS_ROLE = 0x0b719b33c83b8e5d300c521cb8b54ae9bd933996a14bef8c2f4e0285d2d2400a; + + enum Op { NONE, EQ, NEQ, GT, LT, GTE, LTE, RET, NOT, AND, OR, XOR, IF_ELSE } // op types + + struct Param { + uint8 id; + uint8 op; + uint240 value; // even though value is an uint240 it can store addresses + // in the case of 32 byte hashes losing 2 bytes precision isn't a huge deal + // op and id take less than 1 byte each so it can be kept in 1 sstore + } + + uint8 internal constant BLOCK_NUMBER_PARAM_ID = 200; + uint8 internal constant TIMESTAMP_PARAM_ID = 201; + // 202 is unused + uint8 internal constant ORACLE_PARAM_ID = 203; + uint8 internal constant LOGIC_OP_PARAM_ID = 204; + uint8 internal constant PARAM_VALUE_PARAM_ID = 205; + // TODO: Add execution times param type? + + /* Hardcoded constant to save gas + bytes32 public constant EMPTY_PARAM_HASH = keccak256(uint256(0)); + */ + bytes32 public constant EMPTY_PARAM_HASH = 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563; + bytes32 public constant NO_PERMISSION = bytes32(0); + address public constant ANY_ENTITY = address(-1); + address public constant BURN_ENTITY = address(1); // address(0) is already used as "no permission manager" + + uint256 internal constant ORACLE_CHECK_GAS = 30000; + + string private constant ERROR_AUTH_INIT_KERNEL = "ACL_AUTH_INIT_KERNEL"; + string private constant ERROR_AUTH_NO_MANAGER = "ACL_AUTH_NO_MANAGER"; + string private constant ERROR_EXISTENT_MANAGER = "ACL_EXISTENT_MANAGER"; + + // Whether someone has a permission + mapping (bytes32 => bytes32) internal permissions; // permissions hash => params hash + mapping (bytes32 => Param[]) internal permissionParams; // params hash => params + + // Who is the manager of a permission + mapping (bytes32 => address) internal permissionManager; + + event SetPermission(address indexed entity, address indexed app, bytes32 indexed role, bool allowed); + event SetPermissionParams(address indexed entity, address indexed app, bytes32 indexed role, bytes32 paramsHash); + event ChangePermissionManager(address indexed app, bytes32 indexed role, address indexed manager); + + modifier onlyPermissionManager(address _app, bytes32 _role) { + require(msg.sender == getPermissionManager(_app, _role), ERROR_AUTH_NO_MANAGER); + _; + } + + modifier noPermissionManager(address _app, bytes32 _role) { + // only allow permission creation (or re-creation) when there is no manager + require(getPermissionManager(_app, _role) == address(0), ERROR_EXISTENT_MANAGER); + _; + } + + /** + * @dev Initialize can only be called once. It saves the block number in which it was initialized. + * @notice Initialize an ACL instance and set `_permissionsCreator` as the entity that can create other permissions + * @param _permissionsCreator Entity that will be given permission over createPermission + */ + function initialize(address _permissionsCreator) public onlyInit { + initialized(); + require(msg.sender == address(kernel()), ERROR_AUTH_INIT_KERNEL); + + _createPermission(_permissionsCreator, this, CREATE_PERMISSIONS_ROLE, _permissionsCreator); + } + + /** + * @dev Creates a permission that wasn't previously set and managed. + * If a created permission is removed it is possible to reset it with createPermission. + * This is the **ONLY** way to create permissions and set managers to permissions that don't + * have a manager. + * In terms of the ACL being initialized, this function implicitly protects all the other + * state-changing external functions, as they all require the sender to be a manager. + * @notice Create a new permission granting `_entity` the ability to perform actions requiring `_role` on `_app`, setting `_manager` as the permission's manager + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app in which the role will be allowed (requires app to depend on kernel for ACL) + * @param _role Identifier for the group of actions in app given access to perform + * @param _manager Address of the entity that will be able to grant and revoke the permission further. + */ + function createPermission(address _entity, address _app, bytes32 _role, address _manager) + external + auth(CREATE_PERMISSIONS_ROLE) + noPermissionManager(_app, _role) + { + _createPermission(_entity, _app, _role, _manager); + } + + /** + * @dev Grants permission if allowed. This requires `msg.sender` to be the permission manager + * @notice Grant `_entity` the ability to perform actions requiring `_role` on `_app` + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app in which the role will be allowed (requires app to depend on kernel for ACL) + * @param _role Identifier for the group of actions in app given access to perform + */ + function grantPermission(address _entity, address _app, bytes32 _role) + external + { + grantPermissionP(_entity, _app, _role, new uint256[](0)); + } + + /** + * @dev Grants a permission with parameters if allowed. This requires `msg.sender` to be the permission manager + * @notice Grant `_entity` the ability to perform actions requiring `_role` on `_app` + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app in which the role will be allowed (requires app to depend on kernel for ACL) + * @param _role Identifier for the group of actions in app given access to perform + * @param _params Permission parameters + */ + function grantPermissionP(address _entity, address _app, bytes32 _role, uint256[] _params) + public + onlyPermissionManager(_app, _role) + { + bytes32 paramsHash = _params.length > 0 ? _saveParams(_params) : EMPTY_PARAM_HASH; + _setPermission(_entity, _app, _role, paramsHash); + } + + /** + * @dev Revokes permission if allowed. This requires `msg.sender` to be the the permission manager + * @notice Revoke from `_entity` the ability to perform actions requiring `_role` on `_app` + * @param _entity Address of the whitelisted entity to revoke access from + * @param _app Address of the app in which the role will be revoked + * @param _role Identifier for the group of actions in app being revoked + */ + function revokePermission(address _entity, address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermission(_entity, _app, _role, NO_PERMISSION); + } + + /** + * @notice Set `_newManager` as the manager of `_role` in `_app` + * @param _newManager Address for the new manager + * @param _app Address of the app in which the permission management is being transferred + * @param _role Identifier for the group of actions being transferred + */ + function setPermissionManager(address _newManager, address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermissionManager(_newManager, _app, _role); + } + + /** + * @notice Remove the manager of `_role` in `_app` + * @param _app Address of the app in which the permission is being unmanaged + * @param _role Identifier for the group of actions being unmanaged + */ + function removePermissionManager(address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermissionManager(address(0), _app, _role); + } + + /** + * @notice Burn non-existent `_role` in `_app`, so no modification can be made to it (grant, revoke, permission manager) + * @param _app Address of the app in which the permission is being burned + * @param _role Identifier for the group of actions being burned + */ + function createBurnedPermission(address _app, bytes32 _role) + external + auth(CREATE_PERMISSIONS_ROLE) + noPermissionManager(_app, _role) + { + _setPermissionManager(BURN_ENTITY, _app, _role); + } + + /** + * @notice Burn `_role` in `_app`, so no modification can be made to it (grant, revoke, permission manager) + * @param _app Address of the app in which the permission is being burned + * @param _role Identifier for the group of actions being burned + */ + function burnPermissionManager(address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermissionManager(BURN_ENTITY, _app, _role); + } + + /** + * @notice Get parameters for permission array length + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app + * @param _role Identifier for a group of actions in app + * @return Length of the array + */ + function getPermissionParamsLength(address _entity, address _app, bytes32 _role) external view returns (uint) { + return permissionParams[permissions[permissionHash(_entity, _app, _role)]].length; + } + + /** + * @notice Get parameter for permission + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app + * @param _role Identifier for a group of actions in app + * @param _index Index of parameter in the array + * @return Parameter (id, op, value) + */ + function getPermissionParam(address _entity, address _app, bytes32 _role, uint _index) + external + view + returns (uint8, uint8, uint240) + { + Param storage param = permissionParams[permissions[permissionHash(_entity, _app, _role)]][_index]; + return (param.id, param.op, param.value); + } + + /** + * @dev Get manager for permission + * @param _app Address of the app + * @param _role Identifier for a group of actions in app + * @return address of the manager for the permission + */ + function getPermissionManager(address _app, bytes32 _role) public view returns (address) { + return permissionManager[roleHash(_app, _role)]; + } + + /** + * @dev Function called by apps to check ACL on kernel or to check permission statu + * @param _who Sender of the original call + * @param _where Address of the app + * @param _where Identifier for a group of actions in app + * @param _how Permission parameters + * @return boolean indicating whether the ACL allows the role or not + */ + function hasPermission(address _who, address _where, bytes32 _what, bytes memory _how) public view returns (bool) { + // Force cast the bytes array into a uint256[], by overwriting its length + // Note that the uint256[] doesn't need to be initialized as we immediately overwrite it + // with _how and a new length, and _how becomes invalid from this point forward + uint256[] memory how; + uint256 intsLength = _how.length / 32; + assembly { + how := _how + mstore(how, intsLength) + } + + return hasPermission(_who, _where, _what, how); + } + + function hasPermission(address _who, address _where, bytes32 _what, uint256[] memory _how) public view returns (bool) { + bytes32 whoParams = permissions[permissionHash(_who, _where, _what)]; + if (whoParams != NO_PERMISSION && evalParams(whoParams, _who, _where, _what, _how)) { + return true; + } + + bytes32 anyParams = permissions[permissionHash(ANY_ENTITY, _where, _what)]; + if (anyParams != NO_PERMISSION && evalParams(anyParams, ANY_ENTITY, _where, _what, _how)) { + return true; + } + + return false; + } + + function hasPermission(address _who, address _where, bytes32 _what) public view returns (bool) { + uint256[] memory empty = new uint256[](0); + return hasPermission(_who, _where, _what, empty); + } + + function evalParams( + bytes32 _paramsHash, + address _who, + address _where, + bytes32 _what, + uint256[] _how + ) public view returns (bool) + { + if (_paramsHash == EMPTY_PARAM_HASH) { + return true; + } + + return _evalParam(_paramsHash, 0, _who, _where, _what, _how); + } + + /** + * @dev Internal createPermission for access inside the kernel (on instantiation) + */ + function _createPermission(address _entity, address _app, bytes32 _role, address _manager) internal { + _setPermission(_entity, _app, _role, EMPTY_PARAM_HASH); + _setPermissionManager(_manager, _app, _role); + } + + /** + * @dev Internal function called to actually save the permission + */ + function _setPermission(address _entity, address _app, bytes32 _role, bytes32 _paramsHash) internal { + permissions[permissionHash(_entity, _app, _role)] = _paramsHash; + bool entityHasPermission = _paramsHash != NO_PERMISSION; + bool permissionHasParams = entityHasPermission && _paramsHash != EMPTY_PARAM_HASH; + + emit SetPermission(_entity, _app, _role, entityHasPermission); + if (permissionHasParams) { + emit SetPermissionParams(_entity, _app, _role, _paramsHash); + } + } + + function _saveParams(uint256[] _encodedParams) internal returns (bytes32) { + bytes32 paramHash = keccak256(abi.encodePacked(_encodedParams)); + Param[] storage params = permissionParams[paramHash]; + + if (params.length == 0) { // params not saved before + for (uint256 i = 0; i < _encodedParams.length; i++) { + uint256 encodedParam = _encodedParams[i]; + Param memory param = Param(decodeParamId(encodedParam), decodeParamOp(encodedParam), uint240(encodedParam)); + params.push(param); + } + } + + return paramHash; + } + + function _evalParam( + bytes32 _paramsHash, + uint32 _paramId, + address _who, + address _where, + bytes32 _what, + uint256[] _how + ) internal view returns (bool) + { + if (_paramId >= permissionParams[_paramsHash].length) { + return false; // out of bounds + } + + Param memory param = permissionParams[_paramsHash][_paramId]; + + if (param.id == LOGIC_OP_PARAM_ID) { + return _evalLogic(param, _paramsHash, _who, _where, _what, _how); + } + + uint256 value; + uint256 comparedTo = uint256(param.value); + + // get value + if (param.id == ORACLE_PARAM_ID) { + value = checkOracle(IACLOracle(param.value), _who, _where, _what, _how) ? 1 : 0; + comparedTo = 1; + } else if (param.id == BLOCK_NUMBER_PARAM_ID) { + value = getBlockNumber(); + } else if (param.id == TIMESTAMP_PARAM_ID) { + value = getTimestamp(); + } else if (param.id == PARAM_VALUE_PARAM_ID) { + value = uint256(param.value); + } else { + if (param.id >= _how.length) { + return false; + } + value = uint256(uint240(_how[param.id])); // force lost precision + } + + if (Op(param.op) == Op.RET) { + return uint256(value) > 0; + } + + return compare(value, Op(param.op), comparedTo); + } + + function _evalLogic(Param _param, bytes32 _paramsHash, address _who, address _where, bytes32 _what, uint256[] _how) + internal + view + returns (bool) + { + if (Op(_param.op) == Op.IF_ELSE) { + uint32 conditionParam; + uint32 successParam; + uint32 failureParam; + + (conditionParam, successParam, failureParam) = decodeParamsList(uint256(_param.value)); + bool result = _evalParam(_paramsHash, conditionParam, _who, _where, _what, _how); + + return _evalParam(_paramsHash, result ? successParam : failureParam, _who, _where, _what, _how); + } + + uint32 param1; + uint32 param2; + + (param1, param2,) = decodeParamsList(uint256(_param.value)); + bool r1 = _evalParam(_paramsHash, param1, _who, _where, _what, _how); + + if (Op(_param.op) == Op.NOT) { + return !r1; + } + + if (r1 && Op(_param.op) == Op.OR) { + return true; + } + + if (!r1 && Op(_param.op) == Op.AND) { + return false; + } + + bool r2 = _evalParam(_paramsHash, param2, _who, _where, _what, _how); + + if (Op(_param.op) == Op.XOR) { + return r1 != r2; + } + + return r2; // both or and and depend on result of r2 after checks + } + + function compare(uint256 _a, Op _op, uint256 _b) internal pure returns (bool) { + if (_op == Op.EQ) return _a == _b; // solium-disable-line lbrace + if (_op == Op.NEQ) return _a != _b; // solium-disable-line lbrace + if (_op == Op.GT) return _a > _b; // solium-disable-line lbrace + if (_op == Op.LT) return _a < _b; // solium-disable-line lbrace + if (_op == Op.GTE) return _a >= _b; // solium-disable-line lbrace + if (_op == Op.LTE) return _a <= _b; // solium-disable-line lbrace + return false; + } + + function checkOracle(IACLOracle _oracleAddr, address _who, address _where, bytes32 _what, uint256[] _how) internal view returns (bool) { + bytes4 sig = _oracleAddr.canPerform.selector; + + // a raw call is required so we can return false if the call reverts, rather than reverting + bytes memory checkCalldata = abi.encodeWithSelector(sig, _who, _where, _what, _how); + uint256 oracleCheckGas = ORACLE_CHECK_GAS; + + bool ok; + assembly { + ok := staticcall(oracleCheckGas, _oracleAddr, add(checkCalldata, 0x20), mload(checkCalldata), 0, 0) + } + + if (!ok) { + return false; + } + + uint256 size; + assembly { size := returndatasize } + if (size != 32) { + return false; + } + + bool result; + assembly { + let ptr := mload(0x40) // get next free memory ptr + returndatacopy(ptr, 0, size) // copy return from above `staticcall` + result := mload(ptr) // read data at ptr and set it to result + mstore(ptr, 0) // set pointer memory to 0 so it still is the next free ptr + } + + return result; + } + + /** + * @dev Internal function that sets management + */ + function _setPermissionManager(address _newManager, address _app, bytes32 _role) internal { + permissionManager[roleHash(_app, _role)] = _newManager; + emit ChangePermissionManager(_app, _role, _newManager); + } + + function roleHash(address _where, bytes32 _what) internal pure returns (bytes32) { + return keccak256(abi.encodePacked("ROLE", _where, _what)); + } + + function permissionHash(address _who, address _where, bytes32 _what) internal pure returns (bytes32) { + return keccak256(abi.encodePacked("PERMISSION", _who, _where, _what)); + } +} +// File: contracts/apm/Repo.sol +/* solium-disable function-order */ +// Allow public initialize() to be first +contract Repo is AragonApp { + /* Hardcoded constants to save gas + bytes32 public constant CREATE_VERSION_ROLE = keccak256("CREATE_VERSION_ROLE"); + */ + bytes32 public constant CREATE_VERSION_ROLE = 0x1f56cfecd3595a2e6cc1a7e6cb0b20df84cdbd92eff2fee554e70e4e45a9a7d8; + + string private constant ERROR_INVALID_BUMP = "REPO_INVALID_BUMP"; + string private constant ERROR_INVALID_VERSION = "REPO_INVALID_VERSION"; + string private constant ERROR_INEXISTENT_VERSION = "REPO_INEXISTENT_VERSION"; + + struct Version { + uint16[3] semanticVersion; + address contractAddress; + bytes contentURI; + } + + uint256 internal versionsNextIndex; + mapping (uint256 => Version) internal versions; + mapping (bytes32 => uint256) internal versionIdForSemantic; + mapping (address => uint256) internal latestVersionIdForContract; + + event NewVersion(uint256 versionId, uint16[3] semanticVersion); + + /** + * @dev Initialize can only be called once. It saves the block number in which it was initialized. + * @notice Initializes a Repo to be usable + */ + function initialize() public onlyInit { + initialized(); + versionsNextIndex = 1; + } + + /** + * @notice Create new version for repo + * @param _newSemanticVersion Semantic version for new repo version + * @param _contractAddress address for smart contract logic for version (if set to 0, it uses last versions' contractAddress) + * @param _contentURI External URI for fetching new version's content + */ + function newVersion( + uint16[3] _newSemanticVersion, + address _contractAddress, + bytes _contentURI + ) public auth(CREATE_VERSION_ROLE) + { + address contractAddress = _contractAddress; + uint256 lastVersionIndex = versionsNextIndex - 1; + + uint16[3] memory lastSematicVersion; + + if (lastVersionIndex > 0) { + Version storage lastVersion = versions[lastVersionIndex]; + lastSematicVersion = lastVersion.semanticVersion; + + if (contractAddress == address(0)) { + contractAddress = lastVersion.contractAddress; + } + // Only allows smart contract change on major version bumps + require( + lastVersion.contractAddress == contractAddress || _newSemanticVersion[0] > lastVersion.semanticVersion[0], + ERROR_INVALID_VERSION + ); + } + + require(isValidBump(lastSematicVersion, _newSemanticVersion), ERROR_INVALID_BUMP); + + uint256 versionId = versionsNextIndex++; + versions[versionId] = Version(_newSemanticVersion, contractAddress, _contentURI); + versionIdForSemantic[semanticVersionHash(_newSemanticVersion)] = versionId; + latestVersionIdForContract[contractAddress] = versionId; + + emit NewVersion(versionId, _newSemanticVersion); + } + + function getLatest() public view returns (uint16[3] semanticVersion, address contractAddress, bytes contentURI) { + return getByVersionId(versionsNextIndex - 1); + } + + function getLatestForContractAddress(address _contractAddress) + public + view + returns (uint16[3] semanticVersion, address contractAddress, bytes contentURI) + { + return getByVersionId(latestVersionIdForContract[_contractAddress]); + } + + function getBySemanticVersion(uint16[3] _semanticVersion) + public + view + returns (uint16[3] semanticVersion, address contractAddress, bytes contentURI) + { + return getByVersionId(versionIdForSemantic[semanticVersionHash(_semanticVersion)]); + } + + function getByVersionId(uint _versionId) public view returns (uint16[3] semanticVersion, address contractAddress, bytes contentURI) { + require(_versionId > 0 && _versionId < versionsNextIndex, ERROR_INEXISTENT_VERSION); + Version storage version = versions[_versionId]; + return (version.semanticVersion, version.contractAddress, version.contentURI); + } + + function getVersionsCount() public view returns (uint256) { + return versionsNextIndex - 1; + } + + function isValidBump(uint16[3] _oldVersion, uint16[3] _newVersion) public pure returns (bool) { + bool hasBumped; + uint i = 0; + while (i < 3) { + if (hasBumped) { + if (_newVersion[i] != 0) { + return false; + } + } else if (_newVersion[i] != _oldVersion[i]) { + if (_oldVersion[i] > _newVersion[i] || _newVersion[i] - _oldVersion[i] != 1) { + return false; + } + hasBumped = true; + } + i++; + } + return hasBumped; + } + + function semanticVersionHash(uint16[3] version) internal pure returns (bytes32) { + return keccak256(abi.encodePacked(version[0], version[1], version[2])); + } +} +// File: contracts/apm/APMRegistry.sol +contract APMInternalAppNames { + string internal constant APM_APP_NAME = "apm-registry"; + string internal constant REPO_APP_NAME = "apm-repo"; + string internal constant ENS_SUB_APP_NAME = "apm-enssub"; +} + + +contract APMRegistry is AragonApp, AppProxyFactory, APMInternalAppNames { + /* Hardcoded constants to save gas + bytes32 public constant CREATE_REPO_ROLE = keccak256("CREATE_REPO_ROLE"); + */ + bytes32 public constant CREATE_REPO_ROLE = 0x2a9494d64846c9fdbf0158785aa330d8bc9caf45af27fa0e8898eb4d55adcea6; + + string private constant ERROR_INIT_PERMISSIONS = "APMREG_INIT_PERMISSIONS"; + string private constant ERROR_EMPTY_NAME = "APMREG_EMPTY_NAME"; + + AbstractENS public ens; + ENSSubdomainRegistrar public registrar; + + event NewRepo(bytes32 id, string name, address repo); + + /** + * NEEDS CREATE_NAME_ROLE and POINT_ROOTNODE_ROLE permissions on registrar + * @param _registrar ENSSubdomainRegistrar instance that holds registry root node ownership + */ + function initialize(ENSSubdomainRegistrar _registrar) public onlyInit { + initialized(); + + registrar = _registrar; + ens = registrar.ens(); + + registrar.pointRootNode(this); + + // Check APM has all permissions it needss + ACL acl = ACL(kernel().acl()); + require(acl.hasPermission(this, registrar, registrar.CREATE_NAME_ROLE()), ERROR_INIT_PERMISSIONS); + require(acl.hasPermission(this, acl, acl.CREATE_PERMISSIONS_ROLE()), ERROR_INIT_PERMISSIONS); + } + + /** + * @notice Create new repo in registry with `_name` + * @param _name Repo name, must be ununsed + * @param _dev Address that will be given permission to create versions + */ + function newRepo(string _name, address _dev) public auth(CREATE_REPO_ROLE) returns (Repo) { + return _newRepo(_name, _dev); + } + + /** + * @notice Create new repo in registry with `_name` and first repo version + * @param _name Repo name + * @param _dev Address that will be given permission to create versions + * @param _initialSemanticVersion Semantic version for new repo version + * @param _contractAddress address for smart contract logic for version (if set to 0, it uses last versions' contractAddress) + * @param _contentURI External URI for fetching new version's content + */ + function newRepoWithVersion( + string _name, + address _dev, + uint16[3] _initialSemanticVersion, + address _contractAddress, + bytes _contentURI + ) public auth(CREATE_REPO_ROLE) returns (Repo) + { + Repo repo = _newRepo(_name, this); // need to have permissions to create version + repo.newVersion(_initialSemanticVersion, _contractAddress, _contentURI); + + // Give permissions to _dev + ACL acl = ACL(kernel().acl()); + acl.revokePermission(this, repo, repo.CREATE_VERSION_ROLE()); + acl.grantPermission(_dev, repo, repo.CREATE_VERSION_ROLE()); + acl.setPermissionManager(_dev, repo, repo.CREATE_VERSION_ROLE()); + return repo; + } + + function _newRepo(string _name, address _dev) internal returns (Repo) { + require(bytes(_name).length > 0, ERROR_EMPTY_NAME); + + Repo repo = newClonedRepo(); + + ACL(kernel().acl()).createPermission(_dev, repo, repo.CREATE_VERSION_ROLE(), _dev); + + // Creates [name] subdomain in the rootNode and sets registry as resolver + // This will fail if repo name already exists + bytes32 node = registrar.createNameAndPoint(keccak256(abi.encodePacked(_name)), repo); + + emit NewRepo(node, _name, repo); + + return repo; + } + + function newClonedRepo() internal returns (Repo repo) { + repo = Repo(newAppProxy(kernel(), repoAppId())); + repo.initialize(); + } + + function repoAppId() internal view returns (bytes32) { + return keccak256(abi.encodePacked(registrar.rootNode(), keccak256(abi.encodePacked(REPO_APP_NAME)))); + } +} +// File: contracts/kernel/KernelStorage.sol +contract KernelStorage { + // namespace => app id => address + mapping (bytes32 => mapping (bytes32 => address)) public apps; + bytes32 public recoveryVaultAppId; +} +// File: contracts/kernel/Kernel.sol +// solium-disable-next-line max-len +contract Kernel is IKernel, KernelStorage, KernelAppIds, KernelNamespaceConstants, Petrifiable, IsContract, VaultRecoverable, AppProxyFactory, ACLSyntaxSugar { + /* Hardcoded constants to save gas + bytes32 public constant APP_MANAGER_ROLE = keccak256("APP_MANAGER_ROLE"); + */ + bytes32 public constant APP_MANAGER_ROLE = 0xb6d92708f3d4817afc106147d969e229ced5c46e65e0a5002a0d391287762bd0; + + string private constant ERROR_APP_NOT_CONTRACT = "KERNEL_APP_NOT_CONTRACT"; + string private constant ERROR_INVALID_APP_CHANGE = "KERNEL_INVALID_APP_CHANGE"; + string private constant ERROR_AUTH_FAILED = "KERNEL_AUTH_FAILED"; + + /** + * @dev Constructor that allows the deployer to choose if the base instance should be petrified immediately. + * @param _shouldPetrify Immediately petrify this instance so that it can never be initialized + */ + constructor(bool _shouldPetrify) public { + if (_shouldPetrify) { + petrify(); + } + } + + /** + * @dev Initialize can only be called once. It saves the block number in which it was initialized. + * @notice Initializes a kernel instance along with its ACL and sets `_permissionsCreator` as the entity that can create other permissions + * @param _baseAcl Address of base ACL app + * @param _permissionsCreator Entity that will be given permission over createPermission + */ + function initialize(IACL _baseAcl, address _permissionsCreator) public onlyInit { + initialized(); + + // Set ACL base + _setApp(KERNEL_APP_BASES_NAMESPACE, KERNEL_DEFAULT_ACL_APP_ID, _baseAcl); + + // Create ACL instance and attach it as the default ACL app + IACL acl = IACL(newAppProxy(this, KERNEL_DEFAULT_ACL_APP_ID)); + acl.initialize(_permissionsCreator); + _setApp(KERNEL_APP_ADDR_NAMESPACE, KERNEL_DEFAULT_ACL_APP_ID, acl); + + recoveryVaultAppId = KERNEL_DEFAULT_VAULT_APP_ID; + } + + /** + * @dev Create a new instance of an app linked to this kernel + * @notice Create a new upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase` + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @return AppProxy instance + */ + function newAppInstance(bytes32 _appId, address _appBase) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + return newAppInstance(_appId, _appBase, new bytes(0), false); + } + + /** + * @dev Create a new instance of an app linked to this kernel and set its base + * implementation if it was not already set + * @notice Create a new upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase`. `_setDefault ? 'Also sets it as the default app instance.':''` + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @param _initializePayload Payload for call made by the proxy during its construction to initialize + * @param _setDefault Whether the app proxy app is the default one. + * Useful when the Kernel needs to know of an instance of a particular app, + * like Vault for escape hatch mechanism. + * @return AppProxy instance + */ + function newAppInstance(bytes32 _appId, address _appBase, bytes _initializePayload, bool _setDefault) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + _setAppIfNew(KERNEL_APP_BASES_NAMESPACE, _appId, _appBase); + appProxy = newAppProxy(this, _appId, _initializePayload); + // By calling setApp directly and not the internal functions, we make sure the params are checked + // and it will only succeed if sender has permissions to set something to the namespace. + if (_setDefault) { + setApp(KERNEL_APP_ADDR_NAMESPACE, _appId, appProxy); + } + } + + /** + * @dev Create a new pinned instance of an app linked to this kernel + * @notice Create a new non-upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase`. + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @return AppProxy instance + */ + function newPinnedAppInstance(bytes32 _appId, address _appBase) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + return newPinnedAppInstance(_appId, _appBase, new bytes(0), false); + } + + /** + * @dev Create a new pinned instance of an app linked to this kernel and set + * its base implementation if it was not already set + * @notice Create a new non-upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase`. `_setDefault ? 'Also sets it as the default app instance.':''` + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @param _initializePayload Payload for call made by the proxy during its construction to initialize + * @param _setDefault Whether the app proxy app is the default one. + * Useful when the Kernel needs to know of an instance of a particular app, + * like Vault for escape hatch mechanism. + * @return AppProxy instance + */ + function newPinnedAppInstance(bytes32 _appId, address _appBase, bytes _initializePayload, bool _setDefault) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + _setAppIfNew(KERNEL_APP_BASES_NAMESPACE, _appId, _appBase); + appProxy = newAppProxyPinned(this, _appId, _initializePayload); + // By calling setApp directly and not the internal functions, we make sure the params are checked + // and it will only succeed if sender has permissions to set something to the namespace. + if (_setDefault) { + setApp(KERNEL_APP_ADDR_NAMESPACE, _appId, appProxy); + } + } + + /** + * @dev Set the resolving address of an app instance or base implementation + * @notice Set the resolving address of `_appId` in namespace `_namespace` to `_app` + * @param _namespace App namespace to use + * @param _appId Identifier for app + * @param _app Address of the app instance or base implementation + * @return ID of app + */ + function setApp(bytes32 _namespace, bytes32 _appId, address _app) + public + auth(APP_MANAGER_ROLE, arr(_namespace, _appId)) + { + _setApp(_namespace, _appId, _app); + } + + /** + * @dev Set the default vault id for the escape hatch mechanism + * @param _recoveryVaultAppId Identifier of the recovery vault app + */ + function setRecoveryVaultAppId(bytes32 _recoveryVaultAppId) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_ADDR_NAMESPACE, _recoveryVaultAppId)) + { + recoveryVaultAppId = _recoveryVaultAppId; + } + + // External access to default app id and namespace constants to mimic default getters for constants + /* solium-disable function-order, mixedcase */ + function CORE_NAMESPACE() external pure returns (bytes32) { return KERNEL_CORE_NAMESPACE; } + function APP_BASES_NAMESPACE() external pure returns (bytes32) { return KERNEL_APP_BASES_NAMESPACE; } + function APP_ADDR_NAMESPACE() external pure returns (bytes32) { return KERNEL_APP_ADDR_NAMESPACE; } + function KERNEL_APP_ID() external pure returns (bytes32) { return KERNEL_CORE_APP_ID; } + function DEFAULT_ACL_APP_ID() external pure returns (bytes32) { return KERNEL_DEFAULT_ACL_APP_ID; } + /* solium-enable function-order, mixedcase */ + + /** + * @dev Get the address of an app instance or base implementation + * @param _namespace App namespace to use + * @param _appId Identifier for app + * @return Address of the app + */ + function getApp(bytes32 _namespace, bytes32 _appId) public view returns (address) { + return apps[_namespace][_appId]; + } + + /** + * @dev Get the address of the recovery Vault instance (to recover funds) + * @return Address of the Vault + */ + function getRecoveryVault() public view returns (address) { + return apps[KERNEL_APP_ADDR_NAMESPACE][recoveryVaultAppId]; + } + + /** + * @dev Get the installed ACL app + * @return ACL app + */ + function acl() public view returns (IACL) { + return IACL(getApp(KERNEL_APP_ADDR_NAMESPACE, KERNEL_DEFAULT_ACL_APP_ID)); + } + + /** + * @dev Function called by apps to check ACL on kernel or to check permission status + * @param _who Sender of the original call + * @param _where Address of the app + * @param _what Identifier for a group of actions in app + * @param _how Extra data for ACL auth + * @return Boolean indicating whether the ACL allows the role or not. + * Always returns false if the kernel hasn't been initialized yet. + */ + function hasPermission(address _who, address _where, bytes32 _what, bytes _how) public view returns (bool) { + IACL defaultAcl = acl(); + return address(defaultAcl) != address(0) && // Poor man's initialization check (saves gas) + defaultAcl.hasPermission(_who, _where, _what, _how); + } + + function _setApp(bytes32 _namespace, bytes32 _appId, address _app) internal { + require(isContract(_app), ERROR_APP_NOT_CONTRACT); + apps[_namespace][_appId] = _app; + emit SetApp(_namespace, _appId, _app); + } + + function _setAppIfNew(bytes32 _namespace, bytes32 _appId, address _app) internal { + address app = getApp(_namespace, _appId); + if (app != address(0)) { + // The only way to set an app is if it passes the isContract check, so no need to check it again + require(app == _app, ERROR_INVALID_APP_CHANGE); + } else { + _setApp(_namespace, _appId, _app); + } + } + + modifier auth(bytes32 _role, uint256[] memory params) { + // Force cast the uint256[] into a bytes array, by overwriting its length + // Note that the bytes array doesn't need to be initialized as we immediately overwrite it + // with params and a new length, and params becomes invalid from this point forward + bytes memory how; + uint256 byteLength = params.length * 32; + assembly { + how := params + mstore(how, byteLength) + } + + require(hasPermission(msg.sender, address(this), _role, how), ERROR_AUTH_FAILED); + _; + } +} +// File: contracts/kernel/KernelProxy.sol +contract KernelProxy is KernelStorage, KernelAppIds, KernelNamespaceConstants, IsContract, DepositableDelegateProxy { + /** + * @dev KernelProxy is a proxy contract to a kernel implementation. The implementation + * can update the reference, which effectively upgrades the contract + * @param _kernelImpl Address of the contract used as implementation for kernel + */ + constructor(IKernel _kernelImpl) public { + require(isContract(address(_kernelImpl))); + apps[KERNEL_CORE_NAMESPACE][KERNEL_CORE_APP_ID] = _kernelImpl; + } + + /** + * @dev ERC897, whether it is a forwarding (1) or an upgradeable (2) proxy + */ + function proxyType() public pure returns (uint256 proxyTypeId) { + return UPGRADEABLE; + } + + /** + * @dev ERC897, the address the proxy would delegate calls to + */ + function implementation() public view returns (address) { + return apps[KERNEL_CORE_NAMESPACE][KERNEL_CORE_APP_ID]; + } +} +// File: contracts/evmscript/ScriptHelpers.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +library ScriptHelpers { + function getSpecId(bytes _script) internal pure returns (uint32) { + return uint32At(_script, 0); + } + + function uint256At(bytes _data, uint256 _location) internal pure returns (uint256 result) { + assembly { + result := mload(add(_data, add(0x20, _location))) + } + } + + function addressAt(bytes _data, uint256 _location) internal pure returns (address result) { + uint256 word = uint256At(_data, _location); + + assembly { + result := div(and(word, 0xffffffffffffffffffffffffffffffffffffffff000000000000000000000000), + 0x1000000000000000000000000) + } + } + + function uint32At(bytes _data, uint256 _location) internal pure returns (uint32 result) { + uint256 word = uint256At(_data, _location); + + assembly { + result := div(and(word, 0xffffffff00000000000000000000000000000000000000000000000000000000), + 0x100000000000000000000000000000000000000000000000000000000) + } + } + + function locationOf(bytes _data, uint256 _location) internal pure returns (uint256 result) { + assembly { + result := add(_data, add(0x20, _location)) + } + } + + function toBytes(bytes4 _sig) internal pure returns (bytes) { + bytes memory payload = new bytes(4); + assembly { mstore(add(payload, 0x20), _sig) } + return payload; + } +} +// File: contracts/evmscript/EVMScriptRegistry.sol +/* solium-disable function-order */ +// Allow public initialize() to be first +contract EVMScriptRegistry is IEVMScriptRegistry, EVMScriptRegistryConstants, AragonApp { + using ScriptHelpers for bytes; + + /* Hardcoded constants to save gas + bytes32 public constant REGISTRY_ADD_EXECUTOR_ROLE = keccak256("REGISTRY_ADD_EXECUTOR_ROLE"); + bytes32 public constant REGISTRY_MANAGER_ROLE = keccak256("REGISTRY_MANAGER_ROLE"); + */ + bytes32 public constant REGISTRY_ADD_EXECUTOR_ROLE = 0xc4e90f38eea8c4212a009ca7b8947943ba4d4a58d19b683417f65291d1cd9ed2; + // WARN: Manager can censor all votes and the like happening in an org + bytes32 public constant REGISTRY_MANAGER_ROLE = 0xf7a450ef335e1892cb42c8ca72e7242359d7711924b75db5717410da3f614aa3; + + string private constant ERROR_INEXISTENT_EXECUTOR = "EVMREG_INEXISTENT_EXECUTOR"; + string private constant ERROR_EXECUTOR_ENABLED = "EVMREG_EXECUTOR_ENABLED"; + string private constant ERROR_EXECUTOR_DISABLED = "EVMREG_EXECUTOR_DISABLED"; + + struct ExecutorEntry { + IEVMScriptExecutor executor; + bool enabled; + } + + uint256 private executorsNextIndex; + mapping (uint256 => ExecutorEntry) public executors; + + event EnableExecutor(uint256 indexed executorId, address indexed executorAddress); + event DisableExecutor(uint256 indexed executorId, address indexed executorAddress); + + modifier executorExists(uint256 _executorId) { + require(_executorId > 0 && _executorId < executorsNextIndex, ERROR_INEXISTENT_EXECUTOR); + _; + } + + /** + * @notice Initialize the registry + */ + function initialize() public onlyInit { + initialized(); + // Create empty record to begin executor IDs at 1 + executorsNextIndex = 1; + } + + /** + * @notice Add a new script executor with address `_executor` to the registry + * @param _executor Address of the IEVMScriptExecutor that will be added to the registry + * @return id Identifier of the executor in the registry + */ + function addScriptExecutor(IEVMScriptExecutor _executor) external auth(REGISTRY_ADD_EXECUTOR_ROLE) returns (uint256 id) { + uint256 executorId = executorsNextIndex++; + executors[executorId] = ExecutorEntry(_executor, true); + emit EnableExecutor(executorId, _executor); + return executorId; + } + + /** + * @notice Disable script executor with ID `_executorId` + * @param _executorId Identifier of the executor in the registry + */ + function disableScriptExecutor(uint256 _executorId) + external + authP(REGISTRY_MANAGER_ROLE, arr(_executorId)) + { + // Note that we don't need to check for an executor's existence in this case, as only + // existing executors can be enabled + ExecutorEntry storage executorEntry = executors[_executorId]; + require(executorEntry.enabled, ERROR_EXECUTOR_DISABLED); + executorEntry.enabled = false; + emit DisableExecutor(_executorId, executorEntry.executor); + } + + /** + * @notice Enable script executor with ID `_executorId` + * @param _executorId Identifier of the executor in the registry + */ + function enableScriptExecutor(uint256 _executorId) + external + authP(REGISTRY_MANAGER_ROLE, arr(_executorId)) + executorExists(_executorId) + { + ExecutorEntry storage executorEntry = executors[_executorId]; + require(!executorEntry.enabled, ERROR_EXECUTOR_ENABLED); + executorEntry.enabled = true; + emit EnableExecutor(_executorId, executorEntry.executor); + } + + /** + * @dev Get the script executor that can execute a particular script based on its first 4 bytes + * @param _script EVMScript being inspected + */ + function getScriptExecutor(bytes _script) public view returns (IEVMScriptExecutor) { + uint256 id = _script.getSpecId(); + + // Note that we don't need to check for an executor's existence in this case, as only + // existing executors can be enabled + ExecutorEntry storage entry = executors[id]; + return entry.enabled ? entry.executor : IEVMScriptExecutor(0); + } +} +// File: contracts/evmscript/executors/BaseEVMScriptExecutor.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract BaseEVMScriptExecutor is IEVMScriptExecutor, Autopetrified { + uint256 internal constant SCRIPT_START_LOCATION = 4; +} +// File: contracts/evmscript/executors/CallsScript.sol +// Inspired by https://github.com/reverendus/tx-manager + + + + +contract CallsScript is BaseEVMScriptExecutor { + using ScriptHelpers for bytes; + + /* Hardcoded constants to save gas + bytes32 internal constant EXECUTOR_TYPE = keccak256("CALLS_SCRIPT"); + */ + bytes32 internal constant EXECUTOR_TYPE = 0x2dc858a00f3e417be1394b87c07158e989ec681ce8cc68a9093680ac1a870302; + + string private constant ERROR_BLACKLISTED_CALL = "EVMCALLS_BLACKLISTED_CALL"; + string private constant ERROR_INVALID_LENGTH = "EVMCALLS_INVALID_LENGTH"; + string private constant ERROR_CALL_REVERTED = "EVMCALLS_CALL_REVERTED"; + + event LogScriptCall(address indexed sender, address indexed src, address indexed dst); + + /** + * @notice Executes a number of call scripts + * @param _script [ specId (uint32) ] many calls with this structure -> + * [ to (address: 20 bytes) ] [ calldataLength (uint32: 4 bytes) ] [ calldata (calldataLength bytes) ] + * @param _blacklist Addresses the script cannot call to, or will revert. + * @return always returns empty byte array + */ + function execScript(bytes _script, bytes, address[] _blacklist) external isInitialized returns (bytes) { + uint256 location = SCRIPT_START_LOCATION; // first 32 bits are spec id + while (location < _script.length) { + address contractAddress = _script.addressAt(location); + // Check address being called is not blacklist + for (uint i = 0; i < _blacklist.length; i++) { + require(contractAddress != _blacklist[i], ERROR_BLACKLISTED_CALL); + } + + // logged before execution to ensure event ordering in receipt + // if failed entire execution is reverted regardless + emit LogScriptCall(msg.sender, address(this), contractAddress); + + uint256 calldataLength = uint256(_script.uint32At(location + 0x14)); + uint256 startOffset = location + 0x14 + 0x04; + uint256 calldataStart = _script.locationOf(startOffset); + + // compute end of script / next location + location = startOffset + calldataLength; + require(location <= _script.length, ERROR_INVALID_LENGTH); + + bool success; + assembly { + success := call(sub(gas, 5000), contractAddress, 0, calldataStart, calldataLength, 0, 0) + } + + require(success, ERROR_CALL_REVERTED); + } + } + + function executorType() external pure returns (bytes32) { + return EXECUTOR_TYPE; + } +} +// File: contracts/factory/EVMScriptRegistryFactory.sol +contract EVMScriptRegistryFactory is AppProxyFactory, EVMScriptRegistryConstants { + EVMScriptRegistry public baseReg; + IEVMScriptExecutor public baseCallScript; + + constructor() public { + baseReg = new EVMScriptRegistry(); + baseCallScript = IEVMScriptExecutor(new CallsScript()); + } + + function newEVMScriptRegistry(Kernel _dao) public returns (EVMScriptRegistry reg) { + bytes memory initPayload = abi.encodeWithSelector(reg.initialize.selector); + reg = EVMScriptRegistry(_dao.newPinnedAppInstance(EVMSCRIPT_REGISTRY_APP_ID, baseReg, initPayload, true)); + + ACL acl = ACL(_dao.acl()); + + acl.createPermission(this, reg, reg.REGISTRY_ADD_EXECUTOR_ROLE(), this); + + reg.addScriptExecutor(baseCallScript); // spec 1 = CallsScript + + // Clean up the permissions + acl.revokePermission(this, reg, reg.REGISTRY_ADD_EXECUTOR_ROLE()); + acl.removePermissionManager(reg, reg.REGISTRY_ADD_EXECUTOR_ROLE()); + + return reg; + } +} +// File: contracts/factory/DAOFactory.sol +contract DAOFactory { + IKernel public baseKernel; + IACL public baseACL; + EVMScriptRegistryFactory public regFactory; + + event DeployDAO(address dao); + event DeployEVMScriptRegistry(address reg); + + constructor(IKernel _baseKernel, IACL _baseACL, EVMScriptRegistryFactory _regFactory) public { + // No need to init as it cannot be killed by devops199 + if (address(_regFactory) != address(0)) { + regFactory = _regFactory; + } + + baseKernel = _baseKernel; + baseACL = _baseACL; + } + + /** + * @param _root Address that will be granted control to setup DAO permissions + */ + function newDAO(address _root) public returns (Kernel) { + Kernel dao = Kernel(new KernelProxy(baseKernel)); + + if (address(regFactory) == address(0)) { + dao.initialize(baseACL, _root); + } else { + dao.initialize(baseACL, this); + + ACL acl = ACL(dao.acl()); + bytes32 permRole = acl.CREATE_PERMISSIONS_ROLE(); + bytes32 appManagerRole = dao.APP_MANAGER_ROLE(); + + acl.grantPermission(regFactory, acl, permRole); + + acl.createPermission(regFactory, dao, appManagerRole, this); + + EVMScriptRegistry reg = regFactory.newEVMScriptRegistry(dao); + emit DeployEVMScriptRegistry(address(reg)); + + // Clean up permissions + // First, completely reset the APP_MANAGER_ROLE + acl.revokePermission(regFactory, dao, appManagerRole); + acl.removePermissionManager(dao, appManagerRole); + + // Then, make root the only holder and manager of CREATE_PERMISSIONS_ROLE + acl.revokePermission(regFactory, acl, permRole); + acl.revokePermission(this, acl, permRole); + acl.grantPermission(_root, acl, permRole); + acl.setPermissionManager(_root, acl, permRole); + } + + emit DeployDAO(address(dao)); + + return dao; + } +} +// File: contracts/lib/ens/ENS.sol +/** + * The ENS registry contract. + */ +contract ENS is AbstractENS { + struct Record { + address owner; + address resolver; + uint64 ttl; + } + + mapping(bytes32=>Record) records; + + // Permits modifications only by the owner of the specified node. + modifier only_owner(bytes32 node) { + if (records[node].owner != msg.sender) throw; + _; + } + + /** + * Constructs a new ENS registrar. + */ + function ENS() public { + records[0].owner = msg.sender; + } + + /** + * Returns the address that owns the specified node. + */ + function owner(bytes32 node) public constant returns (address) { + return records[node].owner; + } + + /** + * Returns the address of the resolver for the specified node. + */ + function resolver(bytes32 node) public constant returns (address) { + return records[node].resolver; + } + + /** + * Returns the TTL of a node, and any records associated with it. + */ + function ttl(bytes32 node) public constant returns (uint64) { + return records[node].ttl; + } + + /** + * Transfers ownership of a node to a new address. May only be called by the current + * owner of the node. + * @param node The node to transfer ownership of. + * @param owner The address of the new owner. + */ + function setOwner(bytes32 node, address owner) only_owner(node) public { + Transfer(node, owner); + records[node].owner = owner; + } + + /** + * Transfers ownership of a subnode keccak256(node, label) to a new address. May only be + * called by the owner of the parent node. + * @param node The parent node. + * @param label The hash of the label specifying the subnode. + * @param owner The address of the new owner. + */ + function setSubnodeOwner(bytes32 node, bytes32 label, address owner) only_owner(node) public { + var subnode = keccak256(node, label); + NewOwner(node, label, owner); + records[subnode].owner = owner; + } + + /** + * Sets the resolver address for the specified node. + * @param node The node to update. + * @param resolver The address of the resolver. + */ + function setResolver(bytes32 node, address resolver) only_owner(node) public { + NewResolver(node, resolver); + records[node].resolver = resolver; + } + + /** + * Sets the TTL for the specified node. + * @param node The node to update. + * @param ttl The TTL in seconds. + */ + function setTTL(bytes32 node, uint64 ttl) only_owner(node) public { + NewTTL(node, ttl); + records[node].ttl = ttl; + } +} +// File: contracts/factory/ENSFactory.sol +// Note that this contract is NOT meant to be used in production. +// Its only purpose is to easily create ENS instances for testing APM. +contract ENSFactory is ENSConstants { + event DeployENS(address ens); + + // This is an incredibly trustfull ENS deployment, only use for testing + function newENS(address _owner) public returns (ENS) { + ENS ens = new ENS(); + + // Setup .eth TLD + ens.setSubnodeOwner(ENS_ROOT, ETH_TLD_LABEL, this); + + // Setup public resolver + PublicResolver resolver = new PublicResolver(ens); + ens.setSubnodeOwner(ETH_TLD_NODE, PUBLIC_RESOLVER_LABEL, this); + ens.setResolver(PUBLIC_RESOLVER_NODE, resolver); + resolver.setAddr(PUBLIC_RESOLVER_NODE, resolver); + + ens.setOwner(ETH_TLD_NODE, _owner); + ens.setOwner(ENS_ROOT, _owner); + + emit DeployENS(ens); + + return ens; + } +} +// File: contracts/factory/APMRegistryFactory.sol +contract APMRegistryFactory is APMInternalAppNames { + DAOFactory public daoFactory; + APMRegistry public registryBase; + Repo public repoBase; + ENSSubdomainRegistrar public ensSubdomainRegistrarBase; + ENS public ens; + + event DeployAPM(bytes32 indexed node, address apm); + + // Needs either one ENS or ENSFactory + constructor( + DAOFactory _daoFactory, + APMRegistry _registryBase, + Repo _repoBase, + ENSSubdomainRegistrar _ensSubBase, + ENS _ens, + ENSFactory _ensFactory + ) public // DAO initialized without evmscript run support + { + daoFactory = _daoFactory; + registryBase = _registryBase; + repoBase = _repoBase; + ensSubdomainRegistrarBase = _ensSubBase; + + // Either the ENS address provided is used, if any. + // Or we use the ENSFactory to generate a test instance of ENS + // If not the ENS address nor factory address are provided, this will revert + ens = _ens != address(0) ? _ens : _ensFactory.newENS(this); + } + + function newAPM(bytes32 _tld, bytes32 _label, address _root) public returns (APMRegistry) { + bytes32 node = keccak256(abi.encodePacked(_tld, _label)); + + // Assume it is the test ENS + if (ens.owner(node) != address(this)) { + // If we weren't in test ens and factory doesn't have ownership, will fail + require(ens.owner(_tld) == address(this)); + ens.setSubnodeOwner(_tld, _label, this); + } + + Kernel dao = daoFactory.newDAO(this); + ACL acl = ACL(dao.acl()); + + acl.createPermission(this, dao, dao.APP_MANAGER_ROLE(), this); + + // Deploy app proxies + bytes memory noInit = new bytes(0); + ENSSubdomainRegistrar ensSub = ENSSubdomainRegistrar( + dao.newAppInstance( + keccak256(abi.encodePacked(node, keccak256(abi.encodePacked(ENS_SUB_APP_NAME)))), + ensSubdomainRegistrarBase, + noInit, + false + ) + ); + APMRegistry apm = APMRegistry( + dao.newAppInstance( + keccak256(abi.encodePacked(node, keccak256(abi.encodePacked(APM_APP_NAME)))), + registryBase, + noInit, + false + ) + ); + + // APMRegistry controls Repos + bytes32 repoAppId = keccak256(abi.encodePacked(node, keccak256(abi.encodePacked(REPO_APP_NAME)))); + dao.setApp(dao.APP_BASES_NAMESPACE(), repoAppId, repoBase); + + emit DeployAPM(node, apm); + + // Grant permissions needed for APM on ENSSubdomainRegistrar + acl.createPermission(apm, ensSub, ensSub.CREATE_NAME_ROLE(), _root); + acl.createPermission(apm, ensSub, ensSub.POINT_ROOTNODE_ROLE(), _root); + + // allow apm to create permissions for Repos in Kernel + bytes32 permRole = acl.CREATE_PERMISSIONS_ROLE(); + + acl.grantPermission(apm, acl, permRole); + + // Initialize + ens.setOwner(node, ensSub); + ensSub.initialize(ens, node); + apm.initialize(ensSub); + + uint16[3] memory firstVersion; + firstVersion[0] = 1; + + acl.createPermission(this, apm, apm.CREATE_REPO_ROLE(), this); + + apm.newRepoWithVersion(APM_APP_NAME, _root, firstVersion, registryBase, b("ipfs:apm")); + apm.newRepoWithVersion(ENS_SUB_APP_NAME, _root, firstVersion, ensSubdomainRegistrarBase, b("ipfs:enssub")); + apm.newRepoWithVersion(REPO_APP_NAME, _root, firstVersion, repoBase, b("ipfs:repo")); + + configureAPMPermissions(acl, apm, _root); + + // Permission transition to _root + acl.setPermissionManager(_root, dao, dao.APP_MANAGER_ROLE()); + acl.revokePermission(this, acl, permRole); + acl.grantPermission(_root, acl, permRole); + acl.setPermissionManager(_root, acl, permRole); + + return apm; + } + + function b(string memory x) internal pure returns (bytes memory y) { + y = bytes(x); + } + + // Factory can be subclassed and permissions changed + function configureAPMPermissions(ACL _acl, APMRegistry _apm, address _root) internal { + _acl.grantPermission(_root, _apm, _apm.CREATE_REPO_ROLE()); + _acl.setPermissionManager(_root, _apm, _apm.CREATE_REPO_ROLE()); + } +} \ No newline at end of file diff --git a/environments/rinkeby/contracts/aragonOS/DAOFactory.sol b/environments/rinkeby/contracts/aragonOS/DAOFactory.sol new file mode 100644 index 0000000..46314c3 --- /dev/null +++ b/environments/rinkeby/contracts/aragonOS/DAOFactory.sol @@ -0,0 +1,1972 @@ +pragma solidity 0.4.24; +// File: contracts/acl/IACL.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IACL { + function initialize(address permissionsCreator) external; + + // TODO: this should be external + // See https://github.com/ethereum/solidity/issues/4832 + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); +} +// File: contracts/common/IVaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IVaultRecoverable { + function transferToVault(address token) external; + + function allowRecoverability(address token) external view returns (bool); + function getRecoveryVault() external view returns (address); +} +// File: contracts/kernel/IKernel.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +// This should be an interface, but interfaces can't inherit yet :( +contract IKernel is IVaultRecoverable { + event SetApp(bytes32 indexed namespace, bytes32 indexed appId, address app); + + function acl() public view returns (IACL); + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); + + function setApp(bytes32 namespace, bytes32 appId, address app) public; + function getApp(bytes32 namespace, bytes32 appId) public view returns (address); +} +// File: contracts/kernel/KernelConstants.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract KernelAppIds { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_APP_ID = apmNamehash("kernel"); + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = apmNamehash("acl"); + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = apmNamehash("vault"); + */ + bytes32 internal constant KERNEL_CORE_APP_ID = 0x3b4bf6bf3ad5000ecf0f989d5befde585c6860fea3e574a4fab4c49d1c177d9c; + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = 0xe3262375f45a6e2026b7e7b18c2b807434f2508fe1a2a3dfb493c7df8f4aad6a; + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = 0x7e852e0fcfce6551c13800f1e7476f982525c2b5277ba14b24339c68416336d1; +} + + +contract KernelNamespaceConstants { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_NAMESPACE = keccak256("core"); + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = keccak256("base"); + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = keccak256("app"); + */ + bytes32 internal constant KERNEL_CORE_NAMESPACE = 0xc681a85306374a5ab27f0bbc385296a54bcd314a1948b6cf61c4ea1bc44bb9f8; + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = 0xf1f3eb40f5bc1ad1344716ced8b8a0431d840b5783aea1fd01786bc26f35ac0f; + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = 0xd6f028ca0e8edb4a8c9757ca4fdccab25fa1e0317da1188108f7d2dee14902fb; +} +// File: contracts/kernel/KernelStorage.sol +contract KernelStorage { + // namespace => app id => address + mapping (bytes32 => mapping (bytes32 => address)) public apps; + bytes32 public recoveryVaultAppId; +} +// File: contracts/acl/ACLSyntaxSugar.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ACLSyntaxSugar { + function arr() internal pure returns (uint256[]) {} + + function arr(bytes32 _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(bytes32 _a, bytes32 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(address _a, address _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c); + } + + function arr(address _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c, _d); + } + + function arr(address _a, uint256 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, address _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), _c, _d, _e); + } + + function arr(address _a, address _b, address _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(address _a, address _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(uint256 _a) internal pure returns (uint256[] r) { + r = new uint256[](1); + r[0] = _a; + } + + function arr(uint256 _a, uint256 _b) internal pure returns (uint256[] r) { + r = new uint256[](2); + r[0] = _a; + r[1] = _b; + } + + function arr(uint256 _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + r = new uint256[](3); + r[0] = _a; + r[1] = _b; + r[2] = _c; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + r = new uint256[](4); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + r = new uint256[](5); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + r[4] = _e; + } +} + + +contract ACLHelpers { + function decodeParamOp(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 30)); + } + + function decodeParamId(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 31)); + } + + function decodeParamsList(uint256 _x) internal pure returns (uint32 a, uint32 b, uint32 c) { + a = uint32(_x); + b = uint32(_x >> (8 * 4)); + c = uint32(_x >> (8 * 8)); + } +} +// File: contracts/lib/misc/ERCProxy.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ERCProxy { + uint256 internal constant FORWARDING = 1; + uint256 internal constant UPGRADEABLE = 2; + + function proxyType() public pure returns (uint256 proxyTypeId); + function implementation() public view returns (address codeAddr); +} +// File: contracts/common/IsContract.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract IsContract { + /* + * NOTE: this should NEVER be used for authentication + * (see pitfalls: https://github.com/fergarrui/ethereum-security/tree/master/contracts/extcodesize). + * + * This is only intended to be used as a sanity check that an address is actually a contract, + * RATHER THAN an address not being a contract. + */ + function isContract(address _target) internal view returns (bool) { + if (_target == address(0)) { + return false; + } + + uint256 size; + assembly { size := extcodesize(_target) } + return size > 0; + } +} +// File: contracts/common/UnstructuredStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +library UnstructuredStorage { + function getStorageBool(bytes32 position) internal view returns (bool data) { + assembly { data := sload(position) } + } + + function getStorageAddress(bytes32 position) internal view returns (address data) { + assembly { data := sload(position) } + } + + function getStorageBytes32(bytes32 position) internal view returns (bytes32 data) { + assembly { data := sload(position) } + } + + function getStorageUint256(bytes32 position) internal view returns (uint256 data) { + assembly { data := sload(position) } + } + + function setStorageBool(bytes32 position, bool data) internal { + assembly { sstore(position, data) } + } + + function setStorageAddress(bytes32 position, address data) internal { + assembly { sstore(position, data) } + } + + function setStorageBytes32(bytes32 position, bytes32 data) internal { + assembly { sstore(position, data) } + } + + function setStorageUint256(bytes32 position, uint256 data) internal { + assembly { sstore(position, data) } + } +} +// File: contracts/common/Uint256Helpers.sol +library Uint256Helpers { + uint256 private constant MAX_UINT64 = uint64(-1); + + string private constant ERROR_NUMBER_TOO_BIG = "UINT64_NUMBER_TOO_BIG"; + + function toUint64(uint256 a) internal pure returns (uint64) { + require(a <= MAX_UINT64, ERROR_NUMBER_TOO_BIG); + return uint64(a); + } +} +// File: contracts/common/TimeHelpers.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract TimeHelpers { + using Uint256Helpers for uint256; + + /** + * @dev Returns the current block number. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber() internal view returns (uint256) { + return block.number; + } + + /** + * @dev Returns the current block number, converted to uint64. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber64() internal view returns (uint64) { + return getBlockNumber().toUint64(); + } + + /** + * @dev Returns the current timestamp. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp() internal view returns (uint256) { + return block.timestamp; // solium-disable-line security/no-block-members + } + + /** + * @dev Returns the current timestamp, converted to uint64. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp64() internal view returns (uint64) { + return getTimestamp().toUint64(); + } +} +// File: contracts/common/Initializable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract Initializable is TimeHelpers { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.initializable.initializationBlock") + bytes32 internal constant INITIALIZATION_BLOCK_POSITION = 0xebb05b386a8d34882b8711d156f463690983dc47815980fb82aeeff1aa43579e; + + string private constant ERROR_ALREADY_INITIALIZED = "INIT_ALREADY_INITIALIZED"; + string private constant ERROR_NOT_INITIALIZED = "INIT_NOT_INITIALIZED"; + + modifier onlyInit { + require(getInitializationBlock() == 0, ERROR_ALREADY_INITIALIZED); + _; + } + + modifier isInitialized { + require(hasInitialized(), ERROR_NOT_INITIALIZED); + _; + } + + /** + * @return Block number in which the contract was initialized + */ + function getInitializationBlock() public view returns (uint256) { + return INITIALIZATION_BLOCK_POSITION.getStorageUint256(); + } + + /** + * @return Whether the contract has been initialized by the time of the current block + */ + function hasInitialized() public view returns (bool) { + uint256 initializationBlock = getInitializationBlock(); + return initializationBlock != 0 && getBlockNumber() >= initializationBlock; + } + + /** + * @dev Function to be called by top level contract after initialization has finished. + */ + function initialized() internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(getBlockNumber()); + } + + /** + * @dev Function to be called by top level contract after initialization to enable the contract + * at a future block number rather than immediately. + */ + function initializedAt(uint256 _blockNumber) internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(_blockNumber); + } +} +// File: contracts/common/Petrifiable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract Petrifiable is Initializable { + // Use block UINT256_MAX (which should be never) as the initializable date + uint256 internal constant PETRIFIED_BLOCK = uint256(-1); + + function isPetrified() public view returns (bool) { + return getInitializationBlock() == PETRIFIED_BLOCK; + } + + /** + * @dev Function to be called by top level contract to prevent being initialized. + * Useful for freezing base contracts when they're used behind proxies. + */ + function petrify() internal onlyInit { + initializedAt(PETRIFIED_BLOCK); + } +} +// File: contracts/lib/token/ERC20.sol +// See https://github.com/OpenZeppelin/openzeppelin-solidity/blob/a9f910d34f0ab33a1ae5e714f69f9596a02b4d91/contracts/token/ERC20/ERC20.sol + +pragma solidity ^0.4.24; + + +/** + * @title ERC20 interface + * @dev see https://github.com/ethereum/EIPs/issues/20 + */ +contract ERC20 { + function totalSupply() public view returns (uint256); + + function balanceOf(address _who) public view returns (uint256); + + function allowance(address _owner, address _spender) + public view returns (uint256); + + function transfer(address _to, uint256 _value) public returns (bool); + + function approve(address _spender, uint256 _value) + public returns (bool); + + function transferFrom(address _from, address _to, uint256 _value) + public returns (bool); + + event Transfer( + address indexed from, + address indexed to, + uint256 value + ); + + event Approval( + address indexed owner, + address indexed spender, + uint256 value + ); +} +// File: contracts/common/EtherTokenConstant.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +// aragonOS and aragon-apps rely on address(0) to denote native ETH, in +// contracts where both tokens and ETH are accepted +contract EtherTokenConstant { + address internal constant ETH = address(0); +} +// File: contracts/common/VaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + +contract VaultRecoverable is IVaultRecoverable, EtherTokenConstant, IsContract { + string private constant ERROR_DISALLOWED = "RECOVER_DISALLOWED"; + string private constant ERROR_VAULT_NOT_CONTRACT = "RECOVER_VAULT_NOT_CONTRACT"; + + /** + * @notice Send funds to recovery Vault. This contract should never receive funds, + * but in case it does, this function allows one to recover them. + * @param _token Token balance to be sent to recovery vault. + */ + function transferToVault(address _token) external { + require(allowRecoverability(_token), ERROR_DISALLOWED); + address vault = getRecoveryVault(); + require(isContract(vault), ERROR_VAULT_NOT_CONTRACT); + + if (_token == ETH) { + vault.transfer(address(this).balance); + } else { + uint256 amount = ERC20(_token).balanceOf(this); + ERC20(_token).transfer(vault, amount); + } + } + + /** + * @dev By default deriving from AragonApp makes it recoverable + * @param token Token address that would be recovered + * @return bool whether the app allows the recovery + */ + function allowRecoverability(address token) public view returns (bool) { + return true; + } + + // Cast non-implemented interface to be public so we can use it internally + function getRecoveryVault() public view returns (address); +} +// File: contracts/apps/AppStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract AppStorage { + using UnstructuredStorage for bytes32; + + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_POSITION = keccak256("aragonOS.appStorage.kernel"); + bytes32 internal constant APP_ID_POSITION = keccak256("aragonOS.appStorage.appId"); + */ + bytes32 internal constant KERNEL_POSITION = 0x4172f0f7d2289153072b0a6ca36959e0cbe2efc3afe50fc81636caa96338137b; + bytes32 internal constant APP_ID_POSITION = 0xd625496217aa6a3453eecb9c3489dc5a53e6c67b444329ea2b2cbc9ff547639b; + + function kernel() public view returns (IKernel) { + return IKernel(KERNEL_POSITION.getStorageAddress()); + } + + function appId() public view returns (bytes32) { + return APP_ID_POSITION.getStorageBytes32(); + } + + function setKernel(IKernel _kernel) internal { + KERNEL_POSITION.setStorageAddress(address(_kernel)); + } + + function setAppId(bytes32 _appId) internal { + APP_ID_POSITION.setStorageBytes32(_appId); + } +} +// File: contracts/common/DelegateProxy.sol +contract DelegateProxy is ERCProxy, IsContract { + uint256 internal constant FWD_GAS_LIMIT = 10000; + + /** + * @dev Performs a delegatecall and returns whatever the delegatecall returned (entire context execution will return!) + * @param _dst Destination address to perform the delegatecall + * @param _calldata Calldata for the delegatecall + */ + function delegatedFwd(address _dst, bytes _calldata) internal { + require(isContract(_dst)); + uint256 fwdGasLimit = FWD_GAS_LIMIT; + + assembly { + let result := delegatecall(sub(gas, fwdGasLimit), _dst, add(_calldata, 0x20), mload(_calldata), 0, 0) + let size := returndatasize + let ptr := mload(0x40) + returndatacopy(ptr, 0, size) + + // revert instead of invalid() bc if the underlying call failed with invalid() it already wasted gas. + // if the call returned error data, forward it + switch result case 0 { revert(ptr, size) } + default { return(ptr, size) } + } + } +} +// File: contracts/common/DepositableStorage.sol +contract DepositableStorage { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.depositableStorage.depositable") + bytes32 internal constant DEPOSITABLE_POSITION = 0x665fd576fbbe6f247aff98f5c94a561e3f71ec2d3c988d56f12d342396c50cea; + + function isDepositable() public view returns (bool) { + return DEPOSITABLE_POSITION.getStorageBool(); + } + + function setDepositable(bool _depositable) internal { + DEPOSITABLE_POSITION.setStorageBool(_depositable); + } +} +// File: contracts/common/DepositableDelegateProxy.sol +contract DepositableDelegateProxy is DepositableStorage, DelegateProxy { + event ProxyDeposit(address sender, uint256 value); + + function () external payable { + // send / transfer + if (gasleft() < FWD_GAS_LIMIT) { + require(msg.value > 0 && msg.data.length == 0); + require(isDepositable()); + emit ProxyDeposit(msg.sender, msg.value); + } else { // all calls except for send or transfer + address target = implementation(); + delegatedFwd(target, msg.data); + } + } +} +// File: contracts/apps/AppProxyBase.sol +contract AppProxyBase is AppStorage, DepositableDelegateProxy, KernelNamespaceConstants { + /** + * @dev Initialize AppProxy + * @param _kernel Reference to organization kernel for the app + * @param _appId Identifier for app + * @param _initializePayload Payload for call to be made after setup to initialize + */ + constructor(IKernel _kernel, bytes32 _appId, bytes _initializePayload) public { + setKernel(_kernel); + setAppId(_appId); + + // Implicit check that kernel is actually a Kernel + // The EVM doesn't actually provide a way for us to make sure, but we can force a revert to + // occur if the kernel is set to 0x0 or a non-code address when we try to call a method on + // it. + address appCode = getAppBase(_appId); + + // If initialize payload is provided, it will be executed + if (_initializePayload.length > 0) { + require(isContract(appCode)); + // Cannot make delegatecall as a delegateproxy.delegatedFwd as it + // returns ending execution context and halts contract deployment + require(appCode.delegatecall(_initializePayload)); + } + } + + function getAppBase(bytes32 _appId) internal view returns (address) { + return kernel().getApp(KERNEL_APP_BASES_NAMESPACE, _appId); + } +} +// File: contracts/apps/AppProxyUpgradeable.sol +contract AppProxyUpgradeable is AppProxyBase { + /** + * @dev Initialize AppProxyUpgradeable (makes it an upgradeable Aragon app) + * @param _kernel Reference to organization kernel for the app + * @param _appId Identifier for app + * @param _initializePayload Payload for call to be made after setup to initialize + */ + constructor(IKernel _kernel, bytes32 _appId, bytes _initializePayload) + AppProxyBase(_kernel, _appId, _initializePayload) + public // solium-disable-line visibility-first + { + + } + + /** + * @dev ERC897, the address the proxy would delegate calls to + */ + function implementation() public view returns (address) { + return getAppBase(appId()); + } + + /** + * @dev ERC897, whether it is a forwarding (1) or an upgradeable (2) proxy + */ + function proxyType() public pure returns (uint256 proxyTypeId) { + return UPGRADEABLE; + } +} +// File: contracts/apps/AppProxyPinned.sol +contract AppProxyPinned is IsContract, AppProxyBase { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.appStorage.pinnedCode") + bytes32 internal constant PINNED_CODE_POSITION = 0xdee64df20d65e53d7f51cb6ab6d921a0a6a638a91e942e1d8d02df28e31c038e; + + /** + * @dev Initialize AppProxyPinned (makes it an un-upgradeable Aragon app) + * @param _kernel Reference to organization kernel for the app + * @param _appId Identifier for app + * @param _initializePayload Payload for call to be made after setup to initialize + */ + constructor(IKernel _kernel, bytes32 _appId, bytes _initializePayload) + AppProxyBase(_kernel, _appId, _initializePayload) + public // solium-disable-line visibility-first + { + setPinnedCode(getAppBase(_appId)); + require(isContract(pinnedCode())); + } + + /** + * @dev ERC897, the address the proxy would delegate calls to + */ + function implementation() public view returns (address) { + return pinnedCode(); + } + + /** + * @dev ERC897, whether it is a forwarding (1) or an upgradeable (2) proxy + */ + function proxyType() public pure returns (uint256 proxyTypeId) { + return FORWARDING; + } + + function setPinnedCode(address _pinnedCode) internal { + PINNED_CODE_POSITION.setStorageAddress(_pinnedCode); + } + + function pinnedCode() internal view returns (address) { + return PINNED_CODE_POSITION.getStorageAddress(); + } +} +// File: contracts/factory/AppProxyFactory.sol +contract AppProxyFactory { + event NewAppProxy(address proxy, bool isUpgradeable, bytes32 appId); + + function newAppProxy(IKernel _kernel, bytes32 _appId) public returns (AppProxyUpgradeable) { + return newAppProxy(_kernel, _appId, new bytes(0)); + } + + function newAppProxy(IKernel _kernel, bytes32 _appId, bytes _initializePayload) public returns (AppProxyUpgradeable) { + AppProxyUpgradeable proxy = new AppProxyUpgradeable(_kernel, _appId, _initializePayload); + emit NewAppProxy(address(proxy), true, _appId); + return proxy; + } + + function newAppProxyPinned(IKernel _kernel, bytes32 _appId) public returns (AppProxyPinned) { + return newAppProxyPinned(_kernel, _appId, new bytes(0)); + } + + function newAppProxyPinned(IKernel _kernel, bytes32 _appId, bytes _initializePayload) public returns (AppProxyPinned) { + AppProxyPinned proxy = new AppProxyPinned(_kernel, _appId, _initializePayload); + emit NewAppProxy(address(proxy), false, _appId); + return proxy; + } +} +// File: contracts/kernel/Kernel.sol +// solium-disable-next-line max-len +contract Kernel is IKernel, KernelStorage, KernelAppIds, KernelNamespaceConstants, Petrifiable, IsContract, VaultRecoverable, AppProxyFactory, ACLSyntaxSugar { + /* Hardcoded constants to save gas + bytes32 public constant APP_MANAGER_ROLE = keccak256("APP_MANAGER_ROLE"); + */ + bytes32 public constant APP_MANAGER_ROLE = 0xb6d92708f3d4817afc106147d969e229ced5c46e65e0a5002a0d391287762bd0; + + string private constant ERROR_APP_NOT_CONTRACT = "KERNEL_APP_NOT_CONTRACT"; + string private constant ERROR_INVALID_APP_CHANGE = "KERNEL_INVALID_APP_CHANGE"; + string private constant ERROR_AUTH_FAILED = "KERNEL_AUTH_FAILED"; + + /** + * @dev Constructor that allows the deployer to choose if the base instance should be petrified immediately. + * @param _shouldPetrify Immediately petrify this instance so that it can never be initialized + */ + constructor(bool _shouldPetrify) public { + if (_shouldPetrify) { + petrify(); + } + } + + /** + * @dev Initialize can only be called once. It saves the block number in which it was initialized. + * @notice Initializes a kernel instance along with its ACL and sets `_permissionsCreator` as the entity that can create other permissions + * @param _baseAcl Address of base ACL app + * @param _permissionsCreator Entity that will be given permission over createPermission + */ + function initialize(IACL _baseAcl, address _permissionsCreator) public onlyInit { + initialized(); + + // Set ACL base + _setApp(KERNEL_APP_BASES_NAMESPACE, KERNEL_DEFAULT_ACL_APP_ID, _baseAcl); + + // Create ACL instance and attach it as the default ACL app + IACL acl = IACL(newAppProxy(this, KERNEL_DEFAULT_ACL_APP_ID)); + acl.initialize(_permissionsCreator); + _setApp(KERNEL_APP_ADDR_NAMESPACE, KERNEL_DEFAULT_ACL_APP_ID, acl); + + recoveryVaultAppId = KERNEL_DEFAULT_VAULT_APP_ID; + } + + /** + * @dev Create a new instance of an app linked to this kernel + * @notice Create a new upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase` + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @return AppProxy instance + */ + function newAppInstance(bytes32 _appId, address _appBase) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + return newAppInstance(_appId, _appBase, new bytes(0), false); + } + + /** + * @dev Create a new instance of an app linked to this kernel and set its base + * implementation if it was not already set + * @notice Create a new upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase`. `_setDefault ? 'Also sets it as the default app instance.':''` + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @param _initializePayload Payload for call made by the proxy during its construction to initialize + * @param _setDefault Whether the app proxy app is the default one. + * Useful when the Kernel needs to know of an instance of a particular app, + * like Vault for escape hatch mechanism. + * @return AppProxy instance + */ + function newAppInstance(bytes32 _appId, address _appBase, bytes _initializePayload, bool _setDefault) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + _setAppIfNew(KERNEL_APP_BASES_NAMESPACE, _appId, _appBase); + appProxy = newAppProxy(this, _appId, _initializePayload); + // By calling setApp directly and not the internal functions, we make sure the params are checked + // and it will only succeed if sender has permissions to set something to the namespace. + if (_setDefault) { + setApp(KERNEL_APP_ADDR_NAMESPACE, _appId, appProxy); + } + } + + /** + * @dev Create a new pinned instance of an app linked to this kernel + * @notice Create a new non-upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase`. + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @return AppProxy instance + */ + function newPinnedAppInstance(bytes32 _appId, address _appBase) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + return newPinnedAppInstance(_appId, _appBase, new bytes(0), false); + } + + /** + * @dev Create a new pinned instance of an app linked to this kernel and set + * its base implementation if it was not already set + * @notice Create a new non-upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase`. `_setDefault ? 'Also sets it as the default app instance.':''` + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @param _initializePayload Payload for call made by the proxy during its construction to initialize + * @param _setDefault Whether the app proxy app is the default one. + * Useful when the Kernel needs to know of an instance of a particular app, + * like Vault for escape hatch mechanism. + * @return AppProxy instance + */ + function newPinnedAppInstance(bytes32 _appId, address _appBase, bytes _initializePayload, bool _setDefault) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + _setAppIfNew(KERNEL_APP_BASES_NAMESPACE, _appId, _appBase); + appProxy = newAppProxyPinned(this, _appId, _initializePayload); + // By calling setApp directly and not the internal functions, we make sure the params are checked + // and it will only succeed if sender has permissions to set something to the namespace. + if (_setDefault) { + setApp(KERNEL_APP_ADDR_NAMESPACE, _appId, appProxy); + } + } + + /** + * @dev Set the resolving address of an app instance or base implementation + * @notice Set the resolving address of `_appId` in namespace `_namespace` to `_app` + * @param _namespace App namespace to use + * @param _appId Identifier for app + * @param _app Address of the app instance or base implementation + * @return ID of app + */ + function setApp(bytes32 _namespace, bytes32 _appId, address _app) + public + auth(APP_MANAGER_ROLE, arr(_namespace, _appId)) + { + _setApp(_namespace, _appId, _app); + } + + /** + * @dev Set the default vault id for the escape hatch mechanism + * @param _recoveryVaultAppId Identifier of the recovery vault app + */ + function setRecoveryVaultAppId(bytes32 _recoveryVaultAppId) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_ADDR_NAMESPACE, _recoveryVaultAppId)) + { + recoveryVaultAppId = _recoveryVaultAppId; + } + + // External access to default app id and namespace constants to mimic default getters for constants + /* solium-disable function-order, mixedcase */ + function CORE_NAMESPACE() external pure returns (bytes32) { return KERNEL_CORE_NAMESPACE; } + function APP_BASES_NAMESPACE() external pure returns (bytes32) { return KERNEL_APP_BASES_NAMESPACE; } + function APP_ADDR_NAMESPACE() external pure returns (bytes32) { return KERNEL_APP_ADDR_NAMESPACE; } + function KERNEL_APP_ID() external pure returns (bytes32) { return KERNEL_CORE_APP_ID; } + function DEFAULT_ACL_APP_ID() external pure returns (bytes32) { return KERNEL_DEFAULT_ACL_APP_ID; } + /* solium-enable function-order, mixedcase */ + + /** + * @dev Get the address of an app instance or base implementation + * @param _namespace App namespace to use + * @param _appId Identifier for app + * @return Address of the app + */ + function getApp(bytes32 _namespace, bytes32 _appId) public view returns (address) { + return apps[_namespace][_appId]; + } + + /** + * @dev Get the address of the recovery Vault instance (to recover funds) + * @return Address of the Vault + */ + function getRecoveryVault() public view returns (address) { + return apps[KERNEL_APP_ADDR_NAMESPACE][recoveryVaultAppId]; + } + + /** + * @dev Get the installed ACL app + * @return ACL app + */ + function acl() public view returns (IACL) { + return IACL(getApp(KERNEL_APP_ADDR_NAMESPACE, KERNEL_DEFAULT_ACL_APP_ID)); + } + + /** + * @dev Function called by apps to check ACL on kernel or to check permission status + * @param _who Sender of the original call + * @param _where Address of the app + * @param _what Identifier for a group of actions in app + * @param _how Extra data for ACL auth + * @return Boolean indicating whether the ACL allows the role or not. + * Always returns false if the kernel hasn't been initialized yet. + */ + function hasPermission(address _who, address _where, bytes32 _what, bytes _how) public view returns (bool) { + IACL defaultAcl = acl(); + return address(defaultAcl) != address(0) && // Poor man's initialization check (saves gas) + defaultAcl.hasPermission(_who, _where, _what, _how); + } + + function _setApp(bytes32 _namespace, bytes32 _appId, address _app) internal { + require(isContract(_app), ERROR_APP_NOT_CONTRACT); + apps[_namespace][_appId] = _app; + emit SetApp(_namespace, _appId, _app); + } + + function _setAppIfNew(bytes32 _namespace, bytes32 _appId, address _app) internal { + address app = getApp(_namespace, _appId); + if (app != address(0)) { + // The only way to set an app is if it passes the isContract check, so no need to check it again + require(app == _app, ERROR_INVALID_APP_CHANGE); + } else { + _setApp(_namespace, _appId, _app); + } + } + + modifier auth(bytes32 _role, uint256[] memory params) { + // Force cast the uint256[] into a bytes array, by overwriting its length + // Note that the bytes array doesn't need to be initialized as we immediately overwrite it + // with params and a new length, and params becomes invalid from this point forward + bytes memory how; + uint256 byteLength = params.length * 32; + assembly { + how := params + mstore(how, byteLength) + } + + require(hasPermission(msg.sender, address(this), _role, how), ERROR_AUTH_FAILED); + _; + } +} +// File: contracts/kernel/KernelProxy.sol +contract KernelProxy is KernelStorage, KernelAppIds, KernelNamespaceConstants, IsContract, DepositableDelegateProxy { + /** + * @dev KernelProxy is a proxy contract to a kernel implementation. The implementation + * can update the reference, which effectively upgrades the contract + * @param _kernelImpl Address of the contract used as implementation for kernel + */ + constructor(IKernel _kernelImpl) public { + require(isContract(address(_kernelImpl))); + apps[KERNEL_CORE_NAMESPACE][KERNEL_CORE_APP_ID] = _kernelImpl; + } + + /** + * @dev ERC897, whether it is a forwarding (1) or an upgradeable (2) proxy + */ + function proxyType() public pure returns (uint256 proxyTypeId) { + return UPGRADEABLE; + } + + /** + * @dev ERC897, the address the proxy would delegate calls to + */ + function implementation() public view returns (address) { + return apps[KERNEL_CORE_NAMESPACE][KERNEL_CORE_APP_ID]; + } +} +// File: contracts/common/Autopetrified.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract Autopetrified is Petrifiable { + constructor() public { + // Immediately petrify base (non-proxy) instances of inherited contracts on deploy. + // This renders them uninitializable (and unusable without a proxy). + petrify(); + } +} +// File: contracts/evmscript/IEVMScriptExecutor.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IEVMScriptExecutor { + function execScript(bytes script, bytes input, address[] blacklist) external returns (bytes); + function executorType() external pure returns (bytes32); +} +// File: contracts/evmscript/IEVMScriptRegistry.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract EVMScriptRegistryConstants { + /* Hardcoded constants to save gas + bytes32 internal constant EVMSCRIPT_REGISTRY_APP_ID = apmNamehash("evmreg"); + */ + bytes32 internal constant EVMSCRIPT_REGISTRY_APP_ID = 0xddbcfd564f642ab5627cf68b9b7d374fb4f8a36e941a75d89c87998cef03bd61; +} + + +interface IEVMScriptRegistry { + function addScriptExecutor(IEVMScriptExecutor executor) external returns (uint id); + function disableScriptExecutor(uint256 executorId) external; + + // TODO: this should be external + // See https://github.com/ethereum/solidity/issues/4832 + function getScriptExecutor(bytes script) public view returns (IEVMScriptExecutor); +} +// File: contracts/evmscript/EVMScriptRunner.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + + +contract EVMScriptRunner is AppStorage, Initializable, EVMScriptRegistryConstants, KernelNamespaceConstants { + string private constant ERROR_EXECUTOR_UNAVAILABLE = "EVMRUN_EXECUTOR_UNAVAILABLE"; + string private constant ERROR_EXECUTION_REVERTED = "EVMRUN_EXECUTION_REVERTED"; + string private constant ERROR_PROTECTED_STATE_MODIFIED = "EVMRUN_PROTECTED_STATE_MODIFIED"; + + event ScriptResult(address indexed executor, bytes script, bytes input, bytes returnData); + + function getEVMScriptExecutor(bytes _script) public view returns (IEVMScriptExecutor) { + return IEVMScriptExecutor(getEVMScriptRegistry().getScriptExecutor(_script)); + } + + function getEVMScriptRegistry() public view returns (IEVMScriptRegistry) { + address registryAddr = kernel().getApp(KERNEL_APP_ADDR_NAMESPACE, EVMSCRIPT_REGISTRY_APP_ID); + return IEVMScriptRegistry(registryAddr); + } + + function runScript(bytes _script, bytes _input, address[] _blacklist) + internal + isInitialized + protectState + returns (bytes) + { + // TODO: Too much data flying around, maybe extracting spec id here is cheaper + IEVMScriptExecutor executor = getEVMScriptExecutor(_script); + require(address(executor) != address(0), ERROR_EXECUTOR_UNAVAILABLE); + + bytes4 sig = executor.execScript.selector; + bytes memory data = abi.encodeWithSelector(sig, _script, _input, _blacklist); + require(address(executor).delegatecall(data), ERROR_EXECUTION_REVERTED); + + bytes memory output = returnedDataDecoded(); + + emit ScriptResult(address(executor), _script, _input, output); + + return output; + } + + /** + * @dev copies and returns last's call data. Needs to ABI decode first + */ + function returnedDataDecoded() internal pure returns (bytes ret) { + assembly { + let size := returndatasize + switch size + case 0 {} + default { + ret := mload(0x40) // free mem ptr get + mstore(0x40, add(ret, add(size, 0x20))) // free mem ptr set + returndatacopy(ret, 0x20, sub(size, 0x20)) // copy return data + } + } + return ret; + } + + modifier protectState { + address preKernel = address(kernel()); + bytes32 preAppId = appId(); + _; // exec + require(address(kernel()) == preKernel, ERROR_PROTECTED_STATE_MODIFIED); + require(appId() == preAppId, ERROR_PROTECTED_STATE_MODIFIED); + } +} +// File: contracts/apps/AragonApp.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + + +// Contracts inheriting from AragonApp are, by default, immediately petrified upon deployment so +// that they can never be initialized. +// Unless overriden, this behaviour enforces those contracts to be usable only behind an AppProxy. +// ACLSyntaxSugar and EVMScriptRunner are not directly used by this contract, but are included so +// that they are automatically usable by subclassing contracts +contract AragonApp is AppStorage, Autopetrified, VaultRecoverable, EVMScriptRunner, ACLSyntaxSugar { + string private constant ERROR_AUTH_FAILED = "APP_AUTH_FAILED"; + + modifier auth(bytes32 _role) { + require(canPerform(msg.sender, _role, new uint256[](0)), ERROR_AUTH_FAILED); + _; + } + + modifier authP(bytes32 _role, uint256[] _params) { + require(canPerform(msg.sender, _role, _params), ERROR_AUTH_FAILED); + _; + } + + /** + * @dev Check whether an action can be performed by a sender for a particular role on this app + * @param _sender Sender of the call + * @param _role Role on this app + * @param _params Permission params for the role + * @return Boolean indicating whether the sender has the permissions to perform the action. + * Always returns false if the app hasn't been initialized yet. + */ + function canPerform(address _sender, bytes32 _role, uint256[] _params) public view returns (bool) { + if (!hasInitialized()) { + return false; + } + + IKernel linkedKernel = kernel(); + if (address(linkedKernel) == address(0)) { + return false; + } + + // Force cast the uint256[] into a bytes array, by overwriting its length + // Note that the bytes array doesn't need to be initialized as we immediately overwrite it + // with _params and a new length, and _params becomes invalid from this point forward + bytes memory how; + uint256 byteLength = _params.length * 32; + assembly { + how := _params + mstore(how, byteLength) + } + return linkedKernel.hasPermission(_sender, address(this), _role, how); + } + + /** + * @dev Get the recovery vault for the app + * @return Recovery vault address for the app + */ + function getRecoveryVault() public view returns (address) { + // Funds recovery via a vault is only available when used with a kernel + return kernel().getRecoveryVault(); // if kernel is not set, it will revert + } +} +// File: contracts/acl/IACLOracle.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IACLOracle { + function canPerform(address who, address where, bytes32 what, uint256[] how) external view returns (bool); +} +// File: contracts/acl/ACL.sol +/* solium-disable function-order */ +// Allow public initialize() to be first +contract ACL is IACL, TimeHelpers, AragonApp, ACLHelpers { + /* Hardcoded constants to save gas + bytes32 public constant CREATE_PERMISSIONS_ROLE = keccak256("CREATE_PERMISSIONS_ROLE"); + */ + bytes32 public constant CREATE_PERMISSIONS_ROLE = 0x0b719b33c83b8e5d300c521cb8b54ae9bd933996a14bef8c2f4e0285d2d2400a; + + enum Op { NONE, EQ, NEQ, GT, LT, GTE, LTE, RET, NOT, AND, OR, XOR, IF_ELSE } // op types + + struct Param { + uint8 id; + uint8 op; + uint240 value; // even though value is an uint240 it can store addresses + // in the case of 32 byte hashes losing 2 bytes precision isn't a huge deal + // op and id take less than 1 byte each so it can be kept in 1 sstore + } + + uint8 internal constant BLOCK_NUMBER_PARAM_ID = 200; + uint8 internal constant TIMESTAMP_PARAM_ID = 201; + // 202 is unused + uint8 internal constant ORACLE_PARAM_ID = 203; + uint8 internal constant LOGIC_OP_PARAM_ID = 204; + uint8 internal constant PARAM_VALUE_PARAM_ID = 205; + // TODO: Add execution times param type? + + /* Hardcoded constant to save gas + bytes32 public constant EMPTY_PARAM_HASH = keccak256(uint256(0)); + */ + bytes32 public constant EMPTY_PARAM_HASH = 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563; + bytes32 public constant NO_PERMISSION = bytes32(0); + address public constant ANY_ENTITY = address(-1); + address public constant BURN_ENTITY = address(1); // address(0) is already used as "no permission manager" + + uint256 internal constant ORACLE_CHECK_GAS = 30000; + + string private constant ERROR_AUTH_INIT_KERNEL = "ACL_AUTH_INIT_KERNEL"; + string private constant ERROR_AUTH_NO_MANAGER = "ACL_AUTH_NO_MANAGER"; + string private constant ERROR_EXISTENT_MANAGER = "ACL_EXISTENT_MANAGER"; + + // Whether someone has a permission + mapping (bytes32 => bytes32) internal permissions; // permissions hash => params hash + mapping (bytes32 => Param[]) internal permissionParams; // params hash => params + + // Who is the manager of a permission + mapping (bytes32 => address) internal permissionManager; + + event SetPermission(address indexed entity, address indexed app, bytes32 indexed role, bool allowed); + event SetPermissionParams(address indexed entity, address indexed app, bytes32 indexed role, bytes32 paramsHash); + event ChangePermissionManager(address indexed app, bytes32 indexed role, address indexed manager); + + modifier onlyPermissionManager(address _app, bytes32 _role) { + require(msg.sender == getPermissionManager(_app, _role), ERROR_AUTH_NO_MANAGER); + _; + } + + modifier noPermissionManager(address _app, bytes32 _role) { + // only allow permission creation (or re-creation) when there is no manager + require(getPermissionManager(_app, _role) == address(0), ERROR_EXISTENT_MANAGER); + _; + } + + /** + * @dev Initialize can only be called once. It saves the block number in which it was initialized. + * @notice Initialize an ACL instance and set `_permissionsCreator` as the entity that can create other permissions + * @param _permissionsCreator Entity that will be given permission over createPermission + */ + function initialize(address _permissionsCreator) public onlyInit { + initialized(); + require(msg.sender == address(kernel()), ERROR_AUTH_INIT_KERNEL); + + _createPermission(_permissionsCreator, this, CREATE_PERMISSIONS_ROLE, _permissionsCreator); + } + + /** + * @dev Creates a permission that wasn't previously set and managed. + * If a created permission is removed it is possible to reset it with createPermission. + * This is the **ONLY** way to create permissions and set managers to permissions that don't + * have a manager. + * In terms of the ACL being initialized, this function implicitly protects all the other + * state-changing external functions, as they all require the sender to be a manager. + * @notice Create a new permission granting `_entity` the ability to perform actions requiring `_role` on `_app`, setting `_manager` as the permission's manager + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app in which the role will be allowed (requires app to depend on kernel for ACL) + * @param _role Identifier for the group of actions in app given access to perform + * @param _manager Address of the entity that will be able to grant and revoke the permission further. + */ + function createPermission(address _entity, address _app, bytes32 _role, address _manager) + external + auth(CREATE_PERMISSIONS_ROLE) + noPermissionManager(_app, _role) + { + _createPermission(_entity, _app, _role, _manager); + } + + /** + * @dev Grants permission if allowed. This requires `msg.sender` to be the permission manager + * @notice Grant `_entity` the ability to perform actions requiring `_role` on `_app` + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app in which the role will be allowed (requires app to depend on kernel for ACL) + * @param _role Identifier for the group of actions in app given access to perform + */ + function grantPermission(address _entity, address _app, bytes32 _role) + external + { + grantPermissionP(_entity, _app, _role, new uint256[](0)); + } + + /** + * @dev Grants a permission with parameters if allowed. This requires `msg.sender` to be the permission manager + * @notice Grant `_entity` the ability to perform actions requiring `_role` on `_app` + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app in which the role will be allowed (requires app to depend on kernel for ACL) + * @param _role Identifier for the group of actions in app given access to perform + * @param _params Permission parameters + */ + function grantPermissionP(address _entity, address _app, bytes32 _role, uint256[] _params) + public + onlyPermissionManager(_app, _role) + { + bytes32 paramsHash = _params.length > 0 ? _saveParams(_params) : EMPTY_PARAM_HASH; + _setPermission(_entity, _app, _role, paramsHash); + } + + /** + * @dev Revokes permission if allowed. This requires `msg.sender` to be the the permission manager + * @notice Revoke from `_entity` the ability to perform actions requiring `_role` on `_app` + * @param _entity Address of the whitelisted entity to revoke access from + * @param _app Address of the app in which the role will be revoked + * @param _role Identifier for the group of actions in app being revoked + */ + function revokePermission(address _entity, address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermission(_entity, _app, _role, NO_PERMISSION); + } + + /** + * @notice Set `_newManager` as the manager of `_role` in `_app` + * @param _newManager Address for the new manager + * @param _app Address of the app in which the permission management is being transferred + * @param _role Identifier for the group of actions being transferred + */ + function setPermissionManager(address _newManager, address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermissionManager(_newManager, _app, _role); + } + + /** + * @notice Remove the manager of `_role` in `_app` + * @param _app Address of the app in which the permission is being unmanaged + * @param _role Identifier for the group of actions being unmanaged + */ + function removePermissionManager(address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermissionManager(address(0), _app, _role); + } + + /** + * @notice Burn non-existent `_role` in `_app`, so no modification can be made to it (grant, revoke, permission manager) + * @param _app Address of the app in which the permission is being burned + * @param _role Identifier for the group of actions being burned + */ + function createBurnedPermission(address _app, bytes32 _role) + external + auth(CREATE_PERMISSIONS_ROLE) + noPermissionManager(_app, _role) + { + _setPermissionManager(BURN_ENTITY, _app, _role); + } + + /** + * @notice Burn `_role` in `_app`, so no modification can be made to it (grant, revoke, permission manager) + * @param _app Address of the app in which the permission is being burned + * @param _role Identifier for the group of actions being burned + */ + function burnPermissionManager(address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermissionManager(BURN_ENTITY, _app, _role); + } + + /** + * @notice Get parameters for permission array length + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app + * @param _role Identifier for a group of actions in app + * @return Length of the array + */ + function getPermissionParamsLength(address _entity, address _app, bytes32 _role) external view returns (uint) { + return permissionParams[permissions[permissionHash(_entity, _app, _role)]].length; + } + + /** + * @notice Get parameter for permission + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app + * @param _role Identifier for a group of actions in app + * @param _index Index of parameter in the array + * @return Parameter (id, op, value) + */ + function getPermissionParam(address _entity, address _app, bytes32 _role, uint _index) + external + view + returns (uint8, uint8, uint240) + { + Param storage param = permissionParams[permissions[permissionHash(_entity, _app, _role)]][_index]; + return (param.id, param.op, param.value); + } + + /** + * @dev Get manager for permission + * @param _app Address of the app + * @param _role Identifier for a group of actions in app + * @return address of the manager for the permission + */ + function getPermissionManager(address _app, bytes32 _role) public view returns (address) { + return permissionManager[roleHash(_app, _role)]; + } + + /** + * @dev Function called by apps to check ACL on kernel or to check permission statu + * @param _who Sender of the original call + * @param _where Address of the app + * @param _where Identifier for a group of actions in app + * @param _how Permission parameters + * @return boolean indicating whether the ACL allows the role or not + */ + function hasPermission(address _who, address _where, bytes32 _what, bytes memory _how) public view returns (bool) { + // Force cast the bytes array into a uint256[], by overwriting its length + // Note that the uint256[] doesn't need to be initialized as we immediately overwrite it + // with _how and a new length, and _how becomes invalid from this point forward + uint256[] memory how; + uint256 intsLength = _how.length / 32; + assembly { + how := _how + mstore(how, intsLength) + } + + return hasPermission(_who, _where, _what, how); + } + + function hasPermission(address _who, address _where, bytes32 _what, uint256[] memory _how) public view returns (bool) { + bytes32 whoParams = permissions[permissionHash(_who, _where, _what)]; + if (whoParams != NO_PERMISSION && evalParams(whoParams, _who, _where, _what, _how)) { + return true; + } + + bytes32 anyParams = permissions[permissionHash(ANY_ENTITY, _where, _what)]; + if (anyParams != NO_PERMISSION && evalParams(anyParams, ANY_ENTITY, _where, _what, _how)) { + return true; + } + + return false; + } + + function hasPermission(address _who, address _where, bytes32 _what) public view returns (bool) { + uint256[] memory empty = new uint256[](0); + return hasPermission(_who, _where, _what, empty); + } + + function evalParams( + bytes32 _paramsHash, + address _who, + address _where, + bytes32 _what, + uint256[] _how + ) public view returns (bool) + { + if (_paramsHash == EMPTY_PARAM_HASH) { + return true; + } + + return _evalParam(_paramsHash, 0, _who, _where, _what, _how); + } + + /** + * @dev Internal createPermission for access inside the kernel (on instantiation) + */ + function _createPermission(address _entity, address _app, bytes32 _role, address _manager) internal { + _setPermission(_entity, _app, _role, EMPTY_PARAM_HASH); + _setPermissionManager(_manager, _app, _role); + } + + /** + * @dev Internal function called to actually save the permission + */ + function _setPermission(address _entity, address _app, bytes32 _role, bytes32 _paramsHash) internal { + permissions[permissionHash(_entity, _app, _role)] = _paramsHash; + bool entityHasPermission = _paramsHash != NO_PERMISSION; + bool permissionHasParams = entityHasPermission && _paramsHash != EMPTY_PARAM_HASH; + + emit SetPermission(_entity, _app, _role, entityHasPermission); + if (permissionHasParams) { + emit SetPermissionParams(_entity, _app, _role, _paramsHash); + } + } + + function _saveParams(uint256[] _encodedParams) internal returns (bytes32) { + bytes32 paramHash = keccak256(abi.encodePacked(_encodedParams)); + Param[] storage params = permissionParams[paramHash]; + + if (params.length == 0) { // params not saved before + for (uint256 i = 0; i < _encodedParams.length; i++) { + uint256 encodedParam = _encodedParams[i]; + Param memory param = Param(decodeParamId(encodedParam), decodeParamOp(encodedParam), uint240(encodedParam)); + params.push(param); + } + } + + return paramHash; + } + + function _evalParam( + bytes32 _paramsHash, + uint32 _paramId, + address _who, + address _where, + bytes32 _what, + uint256[] _how + ) internal view returns (bool) + { + if (_paramId >= permissionParams[_paramsHash].length) { + return false; // out of bounds + } + + Param memory param = permissionParams[_paramsHash][_paramId]; + + if (param.id == LOGIC_OP_PARAM_ID) { + return _evalLogic(param, _paramsHash, _who, _where, _what, _how); + } + + uint256 value; + uint256 comparedTo = uint256(param.value); + + // get value + if (param.id == ORACLE_PARAM_ID) { + value = checkOracle(IACLOracle(param.value), _who, _where, _what, _how) ? 1 : 0; + comparedTo = 1; + } else if (param.id == BLOCK_NUMBER_PARAM_ID) { + value = getBlockNumber(); + } else if (param.id == TIMESTAMP_PARAM_ID) { + value = getTimestamp(); + } else if (param.id == PARAM_VALUE_PARAM_ID) { + value = uint256(param.value); + } else { + if (param.id >= _how.length) { + return false; + } + value = uint256(uint240(_how[param.id])); // force lost precision + } + + if (Op(param.op) == Op.RET) { + return uint256(value) > 0; + } + + return compare(value, Op(param.op), comparedTo); + } + + function _evalLogic(Param _param, bytes32 _paramsHash, address _who, address _where, bytes32 _what, uint256[] _how) + internal + view + returns (bool) + { + if (Op(_param.op) == Op.IF_ELSE) { + uint32 conditionParam; + uint32 successParam; + uint32 failureParam; + + (conditionParam, successParam, failureParam) = decodeParamsList(uint256(_param.value)); + bool result = _evalParam(_paramsHash, conditionParam, _who, _where, _what, _how); + + return _evalParam(_paramsHash, result ? successParam : failureParam, _who, _where, _what, _how); + } + + uint32 param1; + uint32 param2; + + (param1, param2,) = decodeParamsList(uint256(_param.value)); + bool r1 = _evalParam(_paramsHash, param1, _who, _where, _what, _how); + + if (Op(_param.op) == Op.NOT) { + return !r1; + } + + if (r1 && Op(_param.op) == Op.OR) { + return true; + } + + if (!r1 && Op(_param.op) == Op.AND) { + return false; + } + + bool r2 = _evalParam(_paramsHash, param2, _who, _where, _what, _how); + + if (Op(_param.op) == Op.XOR) { + return r1 != r2; + } + + return r2; // both or and and depend on result of r2 after checks + } + + function compare(uint256 _a, Op _op, uint256 _b) internal pure returns (bool) { + if (_op == Op.EQ) return _a == _b; // solium-disable-line lbrace + if (_op == Op.NEQ) return _a != _b; // solium-disable-line lbrace + if (_op == Op.GT) return _a > _b; // solium-disable-line lbrace + if (_op == Op.LT) return _a < _b; // solium-disable-line lbrace + if (_op == Op.GTE) return _a >= _b; // solium-disable-line lbrace + if (_op == Op.LTE) return _a <= _b; // solium-disable-line lbrace + return false; + } + + function checkOracle(IACLOracle _oracleAddr, address _who, address _where, bytes32 _what, uint256[] _how) internal view returns (bool) { + bytes4 sig = _oracleAddr.canPerform.selector; + + // a raw call is required so we can return false if the call reverts, rather than reverting + bytes memory checkCalldata = abi.encodeWithSelector(sig, _who, _where, _what, _how); + uint256 oracleCheckGas = ORACLE_CHECK_GAS; + + bool ok; + assembly { + ok := staticcall(oracleCheckGas, _oracleAddr, add(checkCalldata, 0x20), mload(checkCalldata), 0, 0) + } + + if (!ok) { + return false; + } + + uint256 size; + assembly { size := returndatasize } + if (size != 32) { + return false; + } + + bool result; + assembly { + let ptr := mload(0x40) // get next free memory ptr + returndatacopy(ptr, 0, size) // copy return from above `staticcall` + result := mload(ptr) // read data at ptr and set it to result + mstore(ptr, 0) // set pointer memory to 0 so it still is the next free ptr + } + + return result; + } + + /** + * @dev Internal function that sets management + */ + function _setPermissionManager(address _newManager, address _app, bytes32 _role) internal { + permissionManager[roleHash(_app, _role)] = _newManager; + emit ChangePermissionManager(_app, _role, _newManager); + } + + function roleHash(address _where, bytes32 _what) internal pure returns (bytes32) { + return keccak256(abi.encodePacked("ROLE", _where, _what)); + } + + function permissionHash(address _who, address _where, bytes32 _what) internal pure returns (bytes32) { + return keccak256(abi.encodePacked("PERMISSION", _who, _where, _what)); + } +} +// File: contracts/evmscript/ScriptHelpers.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +library ScriptHelpers { + function getSpecId(bytes _script) internal pure returns (uint32) { + return uint32At(_script, 0); + } + + function uint256At(bytes _data, uint256 _location) internal pure returns (uint256 result) { + assembly { + result := mload(add(_data, add(0x20, _location))) + } + } + + function addressAt(bytes _data, uint256 _location) internal pure returns (address result) { + uint256 word = uint256At(_data, _location); + + assembly { + result := div(and(word, 0xffffffffffffffffffffffffffffffffffffffff000000000000000000000000), + 0x1000000000000000000000000) + } + } + + function uint32At(bytes _data, uint256 _location) internal pure returns (uint32 result) { + uint256 word = uint256At(_data, _location); + + assembly { + result := div(and(word, 0xffffffff00000000000000000000000000000000000000000000000000000000), + 0x100000000000000000000000000000000000000000000000000000000) + } + } + + function locationOf(bytes _data, uint256 _location) internal pure returns (uint256 result) { + assembly { + result := add(_data, add(0x20, _location)) + } + } + + function toBytes(bytes4 _sig) internal pure returns (bytes) { + bytes memory payload = new bytes(4); + assembly { mstore(add(payload, 0x20), _sig) } + return payload; + } +} +// File: contracts/evmscript/EVMScriptRegistry.sol +/* solium-disable function-order */ +// Allow public initialize() to be first +contract EVMScriptRegistry is IEVMScriptRegistry, EVMScriptRegistryConstants, AragonApp { + using ScriptHelpers for bytes; + + /* Hardcoded constants to save gas + bytes32 public constant REGISTRY_ADD_EXECUTOR_ROLE = keccak256("REGISTRY_ADD_EXECUTOR_ROLE"); + bytes32 public constant REGISTRY_MANAGER_ROLE = keccak256("REGISTRY_MANAGER_ROLE"); + */ + bytes32 public constant REGISTRY_ADD_EXECUTOR_ROLE = 0xc4e90f38eea8c4212a009ca7b8947943ba4d4a58d19b683417f65291d1cd9ed2; + // WARN: Manager can censor all votes and the like happening in an org + bytes32 public constant REGISTRY_MANAGER_ROLE = 0xf7a450ef335e1892cb42c8ca72e7242359d7711924b75db5717410da3f614aa3; + + string private constant ERROR_INEXISTENT_EXECUTOR = "EVMREG_INEXISTENT_EXECUTOR"; + string private constant ERROR_EXECUTOR_ENABLED = "EVMREG_EXECUTOR_ENABLED"; + string private constant ERROR_EXECUTOR_DISABLED = "EVMREG_EXECUTOR_DISABLED"; + + struct ExecutorEntry { + IEVMScriptExecutor executor; + bool enabled; + } + + uint256 private executorsNextIndex; + mapping (uint256 => ExecutorEntry) public executors; + + event EnableExecutor(uint256 indexed executorId, address indexed executorAddress); + event DisableExecutor(uint256 indexed executorId, address indexed executorAddress); + + modifier executorExists(uint256 _executorId) { + require(_executorId > 0 && _executorId < executorsNextIndex, ERROR_INEXISTENT_EXECUTOR); + _; + } + + /** + * @notice Initialize the registry + */ + function initialize() public onlyInit { + initialized(); + // Create empty record to begin executor IDs at 1 + executorsNextIndex = 1; + } + + /** + * @notice Add a new script executor with address `_executor` to the registry + * @param _executor Address of the IEVMScriptExecutor that will be added to the registry + * @return id Identifier of the executor in the registry + */ + function addScriptExecutor(IEVMScriptExecutor _executor) external auth(REGISTRY_ADD_EXECUTOR_ROLE) returns (uint256 id) { + uint256 executorId = executorsNextIndex++; + executors[executorId] = ExecutorEntry(_executor, true); + emit EnableExecutor(executorId, _executor); + return executorId; + } + + /** + * @notice Disable script executor with ID `_executorId` + * @param _executorId Identifier of the executor in the registry + */ + function disableScriptExecutor(uint256 _executorId) + external + authP(REGISTRY_MANAGER_ROLE, arr(_executorId)) + { + // Note that we don't need to check for an executor's existence in this case, as only + // existing executors can be enabled + ExecutorEntry storage executorEntry = executors[_executorId]; + require(executorEntry.enabled, ERROR_EXECUTOR_DISABLED); + executorEntry.enabled = false; + emit DisableExecutor(_executorId, executorEntry.executor); + } + + /** + * @notice Enable script executor with ID `_executorId` + * @param _executorId Identifier of the executor in the registry + */ + function enableScriptExecutor(uint256 _executorId) + external + authP(REGISTRY_MANAGER_ROLE, arr(_executorId)) + executorExists(_executorId) + { + ExecutorEntry storage executorEntry = executors[_executorId]; + require(!executorEntry.enabled, ERROR_EXECUTOR_ENABLED); + executorEntry.enabled = true; + emit EnableExecutor(_executorId, executorEntry.executor); + } + + /** + * @dev Get the script executor that can execute a particular script based on its first 4 bytes + * @param _script EVMScript being inspected + */ + function getScriptExecutor(bytes _script) public view returns (IEVMScriptExecutor) { + uint256 id = _script.getSpecId(); + + // Note that we don't need to check for an executor's existence in this case, as only + // existing executors can be enabled + ExecutorEntry storage entry = executors[id]; + return entry.enabled ? entry.executor : IEVMScriptExecutor(0); + } +} +// File: contracts/evmscript/executors/BaseEVMScriptExecutor.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract BaseEVMScriptExecutor is IEVMScriptExecutor, Autopetrified { + uint256 internal constant SCRIPT_START_LOCATION = 4; +} +// File: contracts/evmscript/executors/CallsScript.sol +// Inspired by https://github.com/reverendus/tx-manager + + + + +contract CallsScript is BaseEVMScriptExecutor { + using ScriptHelpers for bytes; + + /* Hardcoded constants to save gas + bytes32 internal constant EXECUTOR_TYPE = keccak256("CALLS_SCRIPT"); + */ + bytes32 internal constant EXECUTOR_TYPE = 0x2dc858a00f3e417be1394b87c07158e989ec681ce8cc68a9093680ac1a870302; + + string private constant ERROR_BLACKLISTED_CALL = "EVMCALLS_BLACKLISTED_CALL"; + string private constant ERROR_INVALID_LENGTH = "EVMCALLS_INVALID_LENGTH"; + string private constant ERROR_CALL_REVERTED = "EVMCALLS_CALL_REVERTED"; + + event LogScriptCall(address indexed sender, address indexed src, address indexed dst); + + /** + * @notice Executes a number of call scripts + * @param _script [ specId (uint32) ] many calls with this structure -> + * [ to (address: 20 bytes) ] [ calldataLength (uint32: 4 bytes) ] [ calldata (calldataLength bytes) ] + * @param _blacklist Addresses the script cannot call to, or will revert. + * @return always returns empty byte array + */ + function execScript(bytes _script, bytes, address[] _blacklist) external isInitialized returns (bytes) { + uint256 location = SCRIPT_START_LOCATION; // first 32 bits are spec id + while (location < _script.length) { + address contractAddress = _script.addressAt(location); + // Check address being called is not blacklist + for (uint i = 0; i < _blacklist.length; i++) { + require(contractAddress != _blacklist[i], ERROR_BLACKLISTED_CALL); + } + + // logged before execution to ensure event ordering in receipt + // if failed entire execution is reverted regardless + emit LogScriptCall(msg.sender, address(this), contractAddress); + + uint256 calldataLength = uint256(_script.uint32At(location + 0x14)); + uint256 startOffset = location + 0x14 + 0x04; + uint256 calldataStart = _script.locationOf(startOffset); + + // compute end of script / next location + location = startOffset + calldataLength; + require(location <= _script.length, ERROR_INVALID_LENGTH); + + bool success; + assembly { + success := call(sub(gas, 5000), contractAddress, 0, calldataStart, calldataLength, 0, 0) + } + + require(success, ERROR_CALL_REVERTED); + } + } + + function executorType() external pure returns (bytes32) { + return EXECUTOR_TYPE; + } +} +// File: contracts/factory/EVMScriptRegistryFactory.sol +contract EVMScriptRegistryFactory is AppProxyFactory, EVMScriptRegistryConstants { + EVMScriptRegistry public baseReg; + IEVMScriptExecutor public baseCallScript; + + constructor() public { + baseReg = new EVMScriptRegistry(); + baseCallScript = IEVMScriptExecutor(new CallsScript()); + } + + function newEVMScriptRegistry(Kernel _dao) public returns (EVMScriptRegistry reg) { + bytes memory initPayload = abi.encodeWithSelector(reg.initialize.selector); + reg = EVMScriptRegistry(_dao.newPinnedAppInstance(EVMSCRIPT_REGISTRY_APP_ID, baseReg, initPayload, true)); + + ACL acl = ACL(_dao.acl()); + + acl.createPermission(this, reg, reg.REGISTRY_ADD_EXECUTOR_ROLE(), this); + + reg.addScriptExecutor(baseCallScript); // spec 1 = CallsScript + + // Clean up the permissions + acl.revokePermission(this, reg, reg.REGISTRY_ADD_EXECUTOR_ROLE()); + acl.removePermissionManager(reg, reg.REGISTRY_ADD_EXECUTOR_ROLE()); + + return reg; + } +} +// File: contracts/factory/DAOFactory.sol +contract DAOFactory { + IKernel public baseKernel; + IACL public baseACL; + EVMScriptRegistryFactory public regFactory; + + event DeployDAO(address dao); + event DeployEVMScriptRegistry(address reg); + + constructor(IKernel _baseKernel, IACL _baseACL, EVMScriptRegistryFactory _regFactory) public { + // No need to init as it cannot be killed by devops199 + if (address(_regFactory) != address(0)) { + regFactory = _regFactory; + } + + baseKernel = _baseKernel; + baseACL = _baseACL; + } + + /** + * @param _root Address that will be granted control to setup DAO permissions + */ + function newDAO(address _root) public returns (Kernel) { + Kernel dao = Kernel(new KernelProxy(baseKernel)); + + if (address(regFactory) == address(0)) { + dao.initialize(baseACL, _root); + } else { + dao.initialize(baseACL, this); + + ACL acl = ACL(dao.acl()); + bytes32 permRole = acl.CREATE_PERMISSIONS_ROLE(); + bytes32 appManagerRole = dao.APP_MANAGER_ROLE(); + + acl.grantPermission(regFactory, acl, permRole); + + acl.createPermission(regFactory, dao, appManagerRole, this); + + EVMScriptRegistry reg = regFactory.newEVMScriptRegistry(dao); + emit DeployEVMScriptRegistry(address(reg)); + + // Clean up permissions + // First, completely reset the APP_MANAGER_ROLE + acl.revokePermission(regFactory, dao, appManagerRole); + acl.removePermissionManager(dao, appManagerRole); + + // Then, make root the only holder and manager of CREATE_PERMISSIONS_ROLE + acl.revokePermission(regFactory, acl, permRole); + acl.revokePermission(this, acl, permRole); + acl.grantPermission(_root, acl, permRole); + acl.setPermissionManager(_root, acl, permRole); + } + + emit DeployDAO(address(dao)); + + return dao; + } +} \ No newline at end of file diff --git a/environments/rinkeby/contracts/aragonOS/ENSFactory.sol b/environments/rinkeby/contracts/aragonOS/ENSFactory.sol new file mode 100644 index 0000000..0e9b297 --- /dev/null +++ b/environments/rinkeby/contracts/aragonOS/ENSFactory.sol @@ -0,0 +1,372 @@ +pragma solidity 0.4.24; +// File: contracts/lib/ens/AbstractENS.sol +interface AbstractENS { + function owner(bytes32 _node) public constant returns (address); + function resolver(bytes32 _node) public constant returns (address); + function ttl(bytes32 _node) public constant returns (uint64); + function setOwner(bytes32 _node, address _owner) public; + function setSubnodeOwner(bytes32 _node, bytes32 label, address _owner) public; + function setResolver(bytes32 _node, address _resolver) public; + function setTTL(bytes32 _node, uint64 _ttl) public; + + // Logged when the owner of a node assigns a new owner to a subnode. + event NewOwner(bytes32 indexed _node, bytes32 indexed _label, address _owner); + + // Logged when the owner of a node transfers ownership to a new account. + event Transfer(bytes32 indexed _node, address _owner); + + // Logged when the resolver for a node changes. + event NewResolver(bytes32 indexed _node, address _resolver); + + // Logged when the TTL of a node changes + event NewTTL(bytes32 indexed _node, uint64 _ttl); +} +// File: contracts/lib/ens/ENS.sol +/** + * The ENS registry contract. + */ +contract ENS is AbstractENS { + struct Record { + address owner; + address resolver; + uint64 ttl; + } + + mapping(bytes32=>Record) records; + + // Permits modifications only by the owner of the specified node. + modifier only_owner(bytes32 node) { + if (records[node].owner != msg.sender) throw; + _; + } + + /** + * Constructs a new ENS registrar. + */ + function ENS() public { + records[0].owner = msg.sender; + } + + /** + * Returns the address that owns the specified node. + */ + function owner(bytes32 node) public constant returns (address) { + return records[node].owner; + } + + /** + * Returns the address of the resolver for the specified node. + */ + function resolver(bytes32 node) public constant returns (address) { + return records[node].resolver; + } + + /** + * Returns the TTL of a node, and any records associated with it. + */ + function ttl(bytes32 node) public constant returns (uint64) { + return records[node].ttl; + } + + /** + * Transfers ownership of a node to a new address. May only be called by the current + * owner of the node. + * @param node The node to transfer ownership of. + * @param owner The address of the new owner. + */ + function setOwner(bytes32 node, address owner) only_owner(node) public { + Transfer(node, owner); + records[node].owner = owner; + } + + /** + * Transfers ownership of a subnode keccak256(node, label) to a new address. May only be + * called by the owner of the parent node. + * @param node The parent node. + * @param label The hash of the label specifying the subnode. + * @param owner The address of the new owner. + */ + function setSubnodeOwner(bytes32 node, bytes32 label, address owner) only_owner(node) public { + var subnode = keccak256(node, label); + NewOwner(node, label, owner); + records[subnode].owner = owner; + } + + /** + * Sets the resolver address for the specified node. + * @param node The node to update. + * @param resolver The address of the resolver. + */ + function setResolver(bytes32 node, address resolver) only_owner(node) public { + NewResolver(node, resolver); + records[node].resolver = resolver; + } + + /** + * Sets the TTL for the specified node. + * @param node The node to update. + * @param ttl The TTL in seconds. + */ + function setTTL(bytes32 node, uint64 ttl) only_owner(node) public { + NewTTL(node, ttl); + records[node].ttl = ttl; + } +} +// File: contracts/lib/ens/PublicResolver.sol +/** + * A simple resolver anyone can use; only allows the owner of a node to set its + * address. + */ +contract PublicResolver { + bytes4 constant INTERFACE_META_ID = 0x01ffc9a7; + bytes4 constant ADDR_INTERFACE_ID = 0x3b3b57de; + bytes4 constant CONTENT_INTERFACE_ID = 0xd8389dc5; + bytes4 constant NAME_INTERFACE_ID = 0x691f3431; + bytes4 constant ABI_INTERFACE_ID = 0x2203ab56; + bytes4 constant PUBKEY_INTERFACE_ID = 0xc8690233; + bytes4 constant TEXT_INTERFACE_ID = 0x59d1d43c; + + event AddrChanged(bytes32 indexed node, address a); + event ContentChanged(bytes32 indexed node, bytes32 hash); + event NameChanged(bytes32 indexed node, string name); + event ABIChanged(bytes32 indexed node, uint256 indexed contentType); + event PubkeyChanged(bytes32 indexed node, bytes32 x, bytes32 y); + event TextChanged(bytes32 indexed node, string indexed indexedKey, string key); + + struct PublicKey { + bytes32 x; + bytes32 y; + } + + struct Record { + address addr; + bytes32 content; + string name; + PublicKey pubkey; + mapping(string=>string) text; + mapping(uint256=>bytes) abis; + } + + AbstractENS ens; + mapping(bytes32=>Record) records; + + modifier only_owner(bytes32 node) { + if (ens.owner(node) != msg.sender) throw; + _; + } + + /** + * Constructor. + * @param ensAddr The ENS registrar contract. + */ + function PublicResolver(AbstractENS ensAddr) public { + ens = ensAddr; + } + + /** + * Returns true if the resolver implements the interface specified by the provided hash. + * @param interfaceID The ID of the interface to check for. + * @return True if the contract implements the requested interface. + */ + function supportsInterface(bytes4 interfaceID) public pure returns (bool) { + return interfaceID == ADDR_INTERFACE_ID || + interfaceID == CONTENT_INTERFACE_ID || + interfaceID == NAME_INTERFACE_ID || + interfaceID == ABI_INTERFACE_ID || + interfaceID == PUBKEY_INTERFACE_ID || + interfaceID == TEXT_INTERFACE_ID || + interfaceID == INTERFACE_META_ID; + } + + /** + * Returns the address associated with an ENS node. + * @param node The ENS node to query. + * @return The associated address. + */ + function addr(bytes32 node) public constant returns (address ret) { + ret = records[node].addr; + } + + /** + * Sets the address associated with an ENS node. + * May only be called by the owner of that node in the ENS registry. + * @param node The node to update. + * @param addr The address to set. + */ + function setAddr(bytes32 node, address addr) only_owner(node) public { + records[node].addr = addr; + AddrChanged(node, addr); + } + + /** + * Returns the content hash associated with an ENS node. + * Note that this resource type is not standardized, and will likely change + * in future to a resource type based on multihash. + * @param node The ENS node to query. + * @return The associated content hash. + */ + function content(bytes32 node) public constant returns (bytes32 ret) { + ret = records[node].content; + } + + /** + * Sets the content hash associated with an ENS node. + * May only be called by the owner of that node in the ENS registry. + * Note that this resource type is not standardized, and will likely change + * in future to a resource type based on multihash. + * @param node The node to update. + * @param hash The content hash to set + */ + function setContent(bytes32 node, bytes32 hash) only_owner(node) public { + records[node].content = hash; + ContentChanged(node, hash); + } + + /** + * Returns the name associated with an ENS node, for reverse records. + * Defined in EIP181. + * @param node The ENS node to query. + * @return The associated name. + */ + function name(bytes32 node) public constant returns (string ret) { + ret = records[node].name; + } + + /** + * Sets the name associated with an ENS node, for reverse records. + * May only be called by the owner of that node in the ENS registry. + * @param node The node to update. + * @param name The name to set. + */ + function setName(bytes32 node, string name) only_owner(node) public { + records[node].name = name; + NameChanged(node, name); + } + + /** + * Returns the ABI associated with an ENS node. + * Defined in EIP205. + * @param node The ENS node to query + * @param contentTypes A bitwise OR of the ABI formats accepted by the caller. + * @return contentType The content type of the return value + * @return data The ABI data + */ + function ABI(bytes32 node, uint256 contentTypes) public constant returns (uint256 contentType, bytes data) { + var record = records[node]; + for(contentType = 1; contentType <= contentTypes; contentType <<= 1) { + if ((contentType & contentTypes) != 0 && record.abis[contentType].length > 0) { + data = record.abis[contentType]; + return; + } + } + contentType = 0; + } + + /** + * Sets the ABI associated with an ENS node. + * Nodes may have one ABI of each content type. To remove an ABI, set it to + * the empty string. + * @param node The node to update. + * @param contentType The content type of the ABI + * @param data The ABI data. + */ + function setABI(bytes32 node, uint256 contentType, bytes data) only_owner(node) public { + // Content types must be powers of 2 + if (((contentType - 1) & contentType) != 0) throw; + + records[node].abis[contentType] = data; + ABIChanged(node, contentType); + } + + /** + * Returns the SECP256k1 public key associated with an ENS node. + * Defined in EIP 619. + * @param node The ENS node to query + * @return x, y the X and Y coordinates of the curve point for the public key. + */ + function pubkey(bytes32 node) public constant returns (bytes32 x, bytes32 y) { + return (records[node].pubkey.x, records[node].pubkey.y); + } + + /** + * Sets the SECP256k1 public key associated with an ENS node. + * @param node The ENS node to query + * @param x the X coordinate of the curve point for the public key. + * @param y the Y coordinate of the curve point for the public key. + */ + function setPubkey(bytes32 node, bytes32 x, bytes32 y) only_owner(node) public { + records[node].pubkey = PublicKey(x, y); + PubkeyChanged(node, x, y); + } + + /** + * Returns the text data associated with an ENS node and key. + * @param node The ENS node to query. + * @param key The text data key to query. + * @return The associated text data. + */ + function text(bytes32 node, string key) public constant returns (string ret) { + ret = records[node].text[key]; + } + + /** + * Sets the text data associated with an ENS node and key. + * May only be called by the owner of that node in the ENS registry. + * @param node The node to update. + * @param key The key to set. + * @param value The text data value to set. + */ + function setText(bytes32 node, string key, string value) only_owner(node) public { + records[node].text[key] = value; + TextChanged(node, key, key); + } +} +// File: contracts/ens/ENSConstants.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ENSConstants { + /* Hardcoded constants to save gas + bytes32 internal constant ENS_ROOT = bytes32(0); + bytes32 internal constant ETH_TLD_LABEL = keccak256("eth"); + bytes32 internal constant ETH_TLD_NODE = keccak256(abi.encodePacked(ENS_ROOT, ETH_TLD_LABEL)); + bytes32 internal constant PUBLIC_RESOLVER_LABEL = keccak256("resolver"); + bytes32 internal constant PUBLIC_RESOLVER_NODE = keccak256(abi.encodePacked(ETH_TLD_NODE, PUBLIC_RESOLVER_LABEL)); + */ + bytes32 internal constant ENS_ROOT = bytes32(0); + bytes32 internal constant ETH_TLD_LABEL = 0x4f5b812789fc606be1b3b16908db13fc7a9adf7ca72641f84d75b47069d3d7f0; + bytes32 internal constant ETH_TLD_NODE = 0x93cdeb708b7545dc668eb9280176169d1c33cfd8ed6f04690a0bcc88a93fc4ae; + bytes32 internal constant PUBLIC_RESOLVER_LABEL = 0x329539a1d23af1810c48a07fe7fc66a3b34fbc8b37e9b3cdb97bb88ceab7e4bf; + bytes32 internal constant PUBLIC_RESOLVER_NODE = 0xfdd5d5de6dd63db72bbc2d487944ba13bf775b50a80805fe6fcaba9b0fba88f5; +} +// File: contracts/factory/ENSFactory.sol +// Note that this contract is NOT meant to be used in production. +// Its only purpose is to easily create ENS instances for testing APM. +contract ENSFactory is ENSConstants { + event DeployENS(address ens); + + // This is an incredibly trustfull ENS deployment, only use for testing + function newENS(address _owner) public returns (ENS) { + ENS ens = new ENS(); + + // Setup .eth TLD + ens.setSubnodeOwner(ENS_ROOT, ETH_TLD_LABEL, this); + + // Setup public resolver + PublicResolver resolver = new PublicResolver(ens); + ens.setSubnodeOwner(ETH_TLD_NODE, PUBLIC_RESOLVER_LABEL, this); + ens.setResolver(PUBLIC_RESOLVER_NODE, resolver); + resolver.setAddr(PUBLIC_RESOLVER_NODE, resolver); + + ens.setOwner(ETH_TLD_NODE, _owner); + ens.setOwner(ENS_ROOT, _owner); + + emit DeployENS(ens); + + return ens; + } +} \ No newline at end of file diff --git a/environments/rinkeby/contracts/aragonOS/ENSSubdomainRegistrar.sol b/environments/rinkeby/contracts/aragonOS/ENSSubdomainRegistrar.sol new file mode 100644 index 0000000..d9bca6e --- /dev/null +++ b/environments/rinkeby/contracts/aragonOS/ENSSubdomainRegistrar.sol @@ -0,0 +1,1067 @@ +pragma solidity 0.4.24; +// File: contracts/lib/ens/AbstractENS.sol +interface AbstractENS { + function owner(bytes32 _node) public constant returns (address); + function resolver(bytes32 _node) public constant returns (address); + function ttl(bytes32 _node) public constant returns (uint64); + function setOwner(bytes32 _node, address _owner) public; + function setSubnodeOwner(bytes32 _node, bytes32 label, address _owner) public; + function setResolver(bytes32 _node, address _resolver) public; + function setTTL(bytes32 _node, uint64 _ttl) public; + + // Logged when the owner of a node assigns a new owner to a subnode. + event NewOwner(bytes32 indexed _node, bytes32 indexed _label, address _owner); + + // Logged when the owner of a node transfers ownership to a new account. + event Transfer(bytes32 indexed _node, address _owner); + + // Logged when the resolver for a node changes. + event NewResolver(bytes32 indexed _node, address _resolver); + + // Logged when the TTL of a node changes + event NewTTL(bytes32 indexed _node, uint64 _ttl); +} +// File: contracts/lib/ens/PublicResolver.sol +/** + * A simple resolver anyone can use; only allows the owner of a node to set its + * address. + */ +contract PublicResolver { + bytes4 constant INTERFACE_META_ID = 0x01ffc9a7; + bytes4 constant ADDR_INTERFACE_ID = 0x3b3b57de; + bytes4 constant CONTENT_INTERFACE_ID = 0xd8389dc5; + bytes4 constant NAME_INTERFACE_ID = 0x691f3431; + bytes4 constant ABI_INTERFACE_ID = 0x2203ab56; + bytes4 constant PUBKEY_INTERFACE_ID = 0xc8690233; + bytes4 constant TEXT_INTERFACE_ID = 0x59d1d43c; + + event AddrChanged(bytes32 indexed node, address a); + event ContentChanged(bytes32 indexed node, bytes32 hash); + event NameChanged(bytes32 indexed node, string name); + event ABIChanged(bytes32 indexed node, uint256 indexed contentType); + event PubkeyChanged(bytes32 indexed node, bytes32 x, bytes32 y); + event TextChanged(bytes32 indexed node, string indexed indexedKey, string key); + + struct PublicKey { + bytes32 x; + bytes32 y; + } + + struct Record { + address addr; + bytes32 content; + string name; + PublicKey pubkey; + mapping(string=>string) text; + mapping(uint256=>bytes) abis; + } + + AbstractENS ens; + mapping(bytes32=>Record) records; + + modifier only_owner(bytes32 node) { + if (ens.owner(node) != msg.sender) throw; + _; + } + + /** + * Constructor. + * @param ensAddr The ENS registrar contract. + */ + function PublicResolver(AbstractENS ensAddr) public { + ens = ensAddr; + } + + /** + * Returns true if the resolver implements the interface specified by the provided hash. + * @param interfaceID The ID of the interface to check for. + * @return True if the contract implements the requested interface. + */ + function supportsInterface(bytes4 interfaceID) public pure returns (bool) { + return interfaceID == ADDR_INTERFACE_ID || + interfaceID == CONTENT_INTERFACE_ID || + interfaceID == NAME_INTERFACE_ID || + interfaceID == ABI_INTERFACE_ID || + interfaceID == PUBKEY_INTERFACE_ID || + interfaceID == TEXT_INTERFACE_ID || + interfaceID == INTERFACE_META_ID; + } + + /** + * Returns the address associated with an ENS node. + * @param node The ENS node to query. + * @return The associated address. + */ + function addr(bytes32 node) public constant returns (address ret) { + ret = records[node].addr; + } + + /** + * Sets the address associated with an ENS node. + * May only be called by the owner of that node in the ENS registry. + * @param node The node to update. + * @param addr The address to set. + */ + function setAddr(bytes32 node, address addr) only_owner(node) public { + records[node].addr = addr; + AddrChanged(node, addr); + } + + /** + * Returns the content hash associated with an ENS node. + * Note that this resource type is not standardized, and will likely change + * in future to a resource type based on multihash. + * @param node The ENS node to query. + * @return The associated content hash. + */ + function content(bytes32 node) public constant returns (bytes32 ret) { + ret = records[node].content; + } + + /** + * Sets the content hash associated with an ENS node. + * May only be called by the owner of that node in the ENS registry. + * Note that this resource type is not standardized, and will likely change + * in future to a resource type based on multihash. + * @param node The node to update. + * @param hash The content hash to set + */ + function setContent(bytes32 node, bytes32 hash) only_owner(node) public { + records[node].content = hash; + ContentChanged(node, hash); + } + + /** + * Returns the name associated with an ENS node, for reverse records. + * Defined in EIP181. + * @param node The ENS node to query. + * @return The associated name. + */ + function name(bytes32 node) public constant returns (string ret) { + ret = records[node].name; + } + + /** + * Sets the name associated with an ENS node, for reverse records. + * May only be called by the owner of that node in the ENS registry. + * @param node The node to update. + * @param name The name to set. + */ + function setName(bytes32 node, string name) only_owner(node) public { + records[node].name = name; + NameChanged(node, name); + } + + /** + * Returns the ABI associated with an ENS node. + * Defined in EIP205. + * @param node The ENS node to query + * @param contentTypes A bitwise OR of the ABI formats accepted by the caller. + * @return contentType The content type of the return value + * @return data The ABI data + */ + function ABI(bytes32 node, uint256 contentTypes) public constant returns (uint256 contentType, bytes data) { + var record = records[node]; + for(contentType = 1; contentType <= contentTypes; contentType <<= 1) { + if ((contentType & contentTypes) != 0 && record.abis[contentType].length > 0) { + data = record.abis[contentType]; + return; + } + } + contentType = 0; + } + + /** + * Sets the ABI associated with an ENS node. + * Nodes may have one ABI of each content type. To remove an ABI, set it to + * the empty string. + * @param node The node to update. + * @param contentType The content type of the ABI + * @param data The ABI data. + */ + function setABI(bytes32 node, uint256 contentType, bytes data) only_owner(node) public { + // Content types must be powers of 2 + if (((contentType - 1) & contentType) != 0) throw; + + records[node].abis[contentType] = data; + ABIChanged(node, contentType); + } + + /** + * Returns the SECP256k1 public key associated with an ENS node. + * Defined in EIP 619. + * @param node The ENS node to query + * @return x, y the X and Y coordinates of the curve point for the public key. + */ + function pubkey(bytes32 node) public constant returns (bytes32 x, bytes32 y) { + return (records[node].pubkey.x, records[node].pubkey.y); + } + + /** + * Sets the SECP256k1 public key associated with an ENS node. + * @param node The ENS node to query + * @param x the X coordinate of the curve point for the public key. + * @param y the Y coordinate of the curve point for the public key. + */ + function setPubkey(bytes32 node, bytes32 x, bytes32 y) only_owner(node) public { + records[node].pubkey = PublicKey(x, y); + PubkeyChanged(node, x, y); + } + + /** + * Returns the text data associated with an ENS node and key. + * @param node The ENS node to query. + * @param key The text data key to query. + * @return The associated text data. + */ + function text(bytes32 node, string key) public constant returns (string ret) { + ret = records[node].text[key]; + } + + /** + * Sets the text data associated with an ENS node and key. + * May only be called by the owner of that node in the ENS registry. + * @param node The node to update. + * @param key The key to set. + * @param value The text data value to set. + */ + function setText(bytes32 node, string key, string value) only_owner(node) public { + records[node].text[key] = value; + TextChanged(node, key, key); + } +} +// File: contracts/ens/ENSConstants.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ENSConstants { + /* Hardcoded constants to save gas + bytes32 internal constant ENS_ROOT = bytes32(0); + bytes32 internal constant ETH_TLD_LABEL = keccak256("eth"); + bytes32 internal constant ETH_TLD_NODE = keccak256(abi.encodePacked(ENS_ROOT, ETH_TLD_LABEL)); + bytes32 internal constant PUBLIC_RESOLVER_LABEL = keccak256("resolver"); + bytes32 internal constant PUBLIC_RESOLVER_NODE = keccak256(abi.encodePacked(ETH_TLD_NODE, PUBLIC_RESOLVER_LABEL)); + */ + bytes32 internal constant ENS_ROOT = bytes32(0); + bytes32 internal constant ETH_TLD_LABEL = 0x4f5b812789fc606be1b3b16908db13fc7a9adf7ca72641f84d75b47069d3d7f0; + bytes32 internal constant ETH_TLD_NODE = 0x93cdeb708b7545dc668eb9280176169d1c33cfd8ed6f04690a0bcc88a93fc4ae; + bytes32 internal constant PUBLIC_RESOLVER_LABEL = 0x329539a1d23af1810c48a07fe7fc66a3b34fbc8b37e9b3cdb97bb88ceab7e4bf; + bytes32 internal constant PUBLIC_RESOLVER_NODE = 0xfdd5d5de6dd63db72bbc2d487944ba13bf775b50a80805fe6fcaba9b0fba88f5; +} +// File: contracts/common/UnstructuredStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +library UnstructuredStorage { + function getStorageBool(bytes32 position) internal view returns (bool data) { + assembly { data := sload(position) } + } + + function getStorageAddress(bytes32 position) internal view returns (address data) { + assembly { data := sload(position) } + } + + function getStorageBytes32(bytes32 position) internal view returns (bytes32 data) { + assembly { data := sload(position) } + } + + function getStorageUint256(bytes32 position) internal view returns (uint256 data) { + assembly { data := sload(position) } + } + + function setStorageBool(bytes32 position, bool data) internal { + assembly { sstore(position, data) } + } + + function setStorageAddress(bytes32 position, address data) internal { + assembly { sstore(position, data) } + } + + function setStorageBytes32(bytes32 position, bytes32 data) internal { + assembly { sstore(position, data) } + } + + function setStorageUint256(bytes32 position, uint256 data) internal { + assembly { sstore(position, data) } + } +} +// File: contracts/acl/IACL.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IACL { + function initialize(address permissionsCreator) external; + + // TODO: this should be external + // See https://github.com/ethereum/solidity/issues/4832 + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); +} +// File: contracts/common/IVaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IVaultRecoverable { + function transferToVault(address token) external; + + function allowRecoverability(address token) external view returns (bool); + function getRecoveryVault() external view returns (address); +} +// File: contracts/kernel/IKernel.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +// This should be an interface, but interfaces can't inherit yet :( +contract IKernel is IVaultRecoverable { + event SetApp(bytes32 indexed namespace, bytes32 indexed appId, address app); + + function acl() public view returns (IACL); + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); + + function setApp(bytes32 namespace, bytes32 appId, address app) public; + function getApp(bytes32 namespace, bytes32 appId) public view returns (address); +} +// File: contracts/apps/AppStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract AppStorage { + using UnstructuredStorage for bytes32; + + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_POSITION = keccak256("aragonOS.appStorage.kernel"); + bytes32 internal constant APP_ID_POSITION = keccak256("aragonOS.appStorage.appId"); + */ + bytes32 internal constant KERNEL_POSITION = 0x4172f0f7d2289153072b0a6ca36959e0cbe2efc3afe50fc81636caa96338137b; + bytes32 internal constant APP_ID_POSITION = 0xd625496217aa6a3453eecb9c3489dc5a53e6c67b444329ea2b2cbc9ff547639b; + + function kernel() public view returns (IKernel) { + return IKernel(KERNEL_POSITION.getStorageAddress()); + } + + function appId() public view returns (bytes32) { + return APP_ID_POSITION.getStorageBytes32(); + } + + function setKernel(IKernel _kernel) internal { + KERNEL_POSITION.setStorageAddress(address(_kernel)); + } + + function setAppId(bytes32 _appId) internal { + APP_ID_POSITION.setStorageBytes32(_appId); + } +} +// File: contracts/common/Uint256Helpers.sol +library Uint256Helpers { + uint256 private constant MAX_UINT64 = uint64(-1); + + string private constant ERROR_NUMBER_TOO_BIG = "UINT64_NUMBER_TOO_BIG"; + + function toUint64(uint256 a) internal pure returns (uint64) { + require(a <= MAX_UINT64, ERROR_NUMBER_TOO_BIG); + return uint64(a); + } +} +// File: contracts/common/TimeHelpers.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract TimeHelpers { + using Uint256Helpers for uint256; + + /** + * @dev Returns the current block number. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber() internal view returns (uint256) { + return block.number; + } + + /** + * @dev Returns the current block number, converted to uint64. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber64() internal view returns (uint64) { + return getBlockNumber().toUint64(); + } + + /** + * @dev Returns the current timestamp. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp() internal view returns (uint256) { + return block.timestamp; // solium-disable-line security/no-block-members + } + + /** + * @dev Returns the current timestamp, converted to uint64. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp64() internal view returns (uint64) { + return getTimestamp().toUint64(); + } +} +// File: contracts/common/Initializable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract Initializable is TimeHelpers { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.initializable.initializationBlock") + bytes32 internal constant INITIALIZATION_BLOCK_POSITION = 0xebb05b386a8d34882b8711d156f463690983dc47815980fb82aeeff1aa43579e; + + string private constant ERROR_ALREADY_INITIALIZED = "INIT_ALREADY_INITIALIZED"; + string private constant ERROR_NOT_INITIALIZED = "INIT_NOT_INITIALIZED"; + + modifier onlyInit { + require(getInitializationBlock() == 0, ERROR_ALREADY_INITIALIZED); + _; + } + + modifier isInitialized { + require(hasInitialized(), ERROR_NOT_INITIALIZED); + _; + } + + /** + * @return Block number in which the contract was initialized + */ + function getInitializationBlock() public view returns (uint256) { + return INITIALIZATION_BLOCK_POSITION.getStorageUint256(); + } + + /** + * @return Whether the contract has been initialized by the time of the current block + */ + function hasInitialized() public view returns (bool) { + uint256 initializationBlock = getInitializationBlock(); + return initializationBlock != 0 && getBlockNumber() >= initializationBlock; + } + + /** + * @dev Function to be called by top level contract after initialization has finished. + */ + function initialized() internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(getBlockNumber()); + } + + /** + * @dev Function to be called by top level contract after initialization to enable the contract + * at a future block number rather than immediately. + */ + function initializedAt(uint256 _blockNumber) internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(_blockNumber); + } +} +// File: contracts/common/Petrifiable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract Petrifiable is Initializable { + // Use block UINT256_MAX (which should be never) as the initializable date + uint256 internal constant PETRIFIED_BLOCK = uint256(-1); + + function isPetrified() public view returns (bool) { + return getInitializationBlock() == PETRIFIED_BLOCK; + } + + /** + * @dev Function to be called by top level contract to prevent being initialized. + * Useful for freezing base contracts when they're used behind proxies. + */ + function petrify() internal onlyInit { + initializedAt(PETRIFIED_BLOCK); + } +} +// File: contracts/common/Autopetrified.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract Autopetrified is Petrifiable { + constructor() public { + // Immediately petrify base (non-proxy) instances of inherited contracts on deploy. + // This renders them uninitializable (and unusable without a proxy). + petrify(); + } +} +// File: contracts/lib/token/ERC20.sol +// See https://github.com/OpenZeppelin/openzeppelin-solidity/blob/a9f910d34f0ab33a1ae5e714f69f9596a02b4d91/contracts/token/ERC20/ERC20.sol + +pragma solidity ^0.4.24; + + +/** + * @title ERC20 interface + * @dev see https://github.com/ethereum/EIPs/issues/20 + */ +contract ERC20 { + function totalSupply() public view returns (uint256); + + function balanceOf(address _who) public view returns (uint256); + + function allowance(address _owner, address _spender) + public view returns (uint256); + + function transfer(address _to, uint256 _value) public returns (bool); + + function approve(address _spender, uint256 _value) + public returns (bool); + + function transferFrom(address _from, address _to, uint256 _value) + public returns (bool); + + event Transfer( + address indexed from, + address indexed to, + uint256 value + ); + + event Approval( + address indexed owner, + address indexed spender, + uint256 value + ); +} +// File: contracts/common/EtherTokenConstant.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +// aragonOS and aragon-apps rely on address(0) to denote native ETH, in +// contracts where both tokens and ETH are accepted +contract EtherTokenConstant { + address internal constant ETH = address(0); +} +// File: contracts/common/IsContract.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract IsContract { + /* + * NOTE: this should NEVER be used for authentication + * (see pitfalls: https://github.com/fergarrui/ethereum-security/tree/master/contracts/extcodesize). + * + * This is only intended to be used as a sanity check that an address is actually a contract, + * RATHER THAN an address not being a contract. + */ + function isContract(address _target) internal view returns (bool) { + if (_target == address(0)) { + return false; + } + + uint256 size; + assembly { size := extcodesize(_target) } + return size > 0; + } +} +// File: contracts/common/VaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + +contract VaultRecoverable is IVaultRecoverable, EtherTokenConstant, IsContract { + string private constant ERROR_DISALLOWED = "RECOVER_DISALLOWED"; + string private constant ERROR_VAULT_NOT_CONTRACT = "RECOVER_VAULT_NOT_CONTRACT"; + + /** + * @notice Send funds to recovery Vault. This contract should never receive funds, + * but in case it does, this function allows one to recover them. + * @param _token Token balance to be sent to recovery vault. + */ + function transferToVault(address _token) external { + require(allowRecoverability(_token), ERROR_DISALLOWED); + address vault = getRecoveryVault(); + require(isContract(vault), ERROR_VAULT_NOT_CONTRACT); + + if (_token == ETH) { + vault.transfer(address(this).balance); + } else { + uint256 amount = ERC20(_token).balanceOf(this); + ERC20(_token).transfer(vault, amount); + } + } + + /** + * @dev By default deriving from AragonApp makes it recoverable + * @param token Token address that would be recovered + * @return bool whether the app allows the recovery + */ + function allowRecoverability(address token) public view returns (bool) { + return true; + } + + // Cast non-implemented interface to be public so we can use it internally + function getRecoveryVault() public view returns (address); +} +// File: contracts/evmscript/IEVMScriptExecutor.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IEVMScriptExecutor { + function execScript(bytes script, bytes input, address[] blacklist) external returns (bytes); + function executorType() external pure returns (bytes32); +} +// File: contracts/evmscript/IEVMScriptRegistry.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract EVMScriptRegistryConstants { + /* Hardcoded constants to save gas + bytes32 internal constant EVMSCRIPT_REGISTRY_APP_ID = apmNamehash("evmreg"); + */ + bytes32 internal constant EVMSCRIPT_REGISTRY_APP_ID = 0xddbcfd564f642ab5627cf68b9b7d374fb4f8a36e941a75d89c87998cef03bd61; +} + + +interface IEVMScriptRegistry { + function addScriptExecutor(IEVMScriptExecutor executor) external returns (uint id); + function disableScriptExecutor(uint256 executorId) external; + + // TODO: this should be external + // See https://github.com/ethereum/solidity/issues/4832 + function getScriptExecutor(bytes script) public view returns (IEVMScriptExecutor); +} +// File: contracts/kernel/KernelConstants.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract KernelAppIds { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_APP_ID = apmNamehash("kernel"); + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = apmNamehash("acl"); + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = apmNamehash("vault"); + */ + bytes32 internal constant KERNEL_CORE_APP_ID = 0x3b4bf6bf3ad5000ecf0f989d5befde585c6860fea3e574a4fab4c49d1c177d9c; + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = 0xe3262375f45a6e2026b7e7b18c2b807434f2508fe1a2a3dfb493c7df8f4aad6a; + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = 0x7e852e0fcfce6551c13800f1e7476f982525c2b5277ba14b24339c68416336d1; +} + + +contract KernelNamespaceConstants { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_NAMESPACE = keccak256("core"); + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = keccak256("base"); + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = keccak256("app"); + */ + bytes32 internal constant KERNEL_CORE_NAMESPACE = 0xc681a85306374a5ab27f0bbc385296a54bcd314a1948b6cf61c4ea1bc44bb9f8; + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = 0xf1f3eb40f5bc1ad1344716ced8b8a0431d840b5783aea1fd01786bc26f35ac0f; + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = 0xd6f028ca0e8edb4a8c9757ca4fdccab25fa1e0317da1188108f7d2dee14902fb; +} +// File: contracts/evmscript/EVMScriptRunner.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + + +contract EVMScriptRunner is AppStorage, Initializable, EVMScriptRegistryConstants, KernelNamespaceConstants { + string private constant ERROR_EXECUTOR_UNAVAILABLE = "EVMRUN_EXECUTOR_UNAVAILABLE"; + string private constant ERROR_EXECUTION_REVERTED = "EVMRUN_EXECUTION_REVERTED"; + string private constant ERROR_PROTECTED_STATE_MODIFIED = "EVMRUN_PROTECTED_STATE_MODIFIED"; + + event ScriptResult(address indexed executor, bytes script, bytes input, bytes returnData); + + function getEVMScriptExecutor(bytes _script) public view returns (IEVMScriptExecutor) { + return IEVMScriptExecutor(getEVMScriptRegistry().getScriptExecutor(_script)); + } + + function getEVMScriptRegistry() public view returns (IEVMScriptRegistry) { + address registryAddr = kernel().getApp(KERNEL_APP_ADDR_NAMESPACE, EVMSCRIPT_REGISTRY_APP_ID); + return IEVMScriptRegistry(registryAddr); + } + + function runScript(bytes _script, bytes _input, address[] _blacklist) + internal + isInitialized + protectState + returns (bytes) + { + // TODO: Too much data flying around, maybe extracting spec id here is cheaper + IEVMScriptExecutor executor = getEVMScriptExecutor(_script); + require(address(executor) != address(0), ERROR_EXECUTOR_UNAVAILABLE); + + bytes4 sig = executor.execScript.selector; + bytes memory data = abi.encodeWithSelector(sig, _script, _input, _blacklist); + require(address(executor).delegatecall(data), ERROR_EXECUTION_REVERTED); + + bytes memory output = returnedDataDecoded(); + + emit ScriptResult(address(executor), _script, _input, output); + + return output; + } + + /** + * @dev copies and returns last's call data. Needs to ABI decode first + */ + function returnedDataDecoded() internal pure returns (bytes ret) { + assembly { + let size := returndatasize + switch size + case 0 {} + default { + ret := mload(0x40) // free mem ptr get + mstore(0x40, add(ret, add(size, 0x20))) // free mem ptr set + returndatacopy(ret, 0x20, sub(size, 0x20)) // copy return data + } + } + return ret; + } + + modifier protectState { + address preKernel = address(kernel()); + bytes32 preAppId = appId(); + _; // exec + require(address(kernel()) == preKernel, ERROR_PROTECTED_STATE_MODIFIED); + require(appId() == preAppId, ERROR_PROTECTED_STATE_MODIFIED); + } +} +// File: contracts/acl/ACLSyntaxSugar.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ACLSyntaxSugar { + function arr() internal pure returns (uint256[]) {} + + function arr(bytes32 _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(bytes32 _a, bytes32 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(address _a, address _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c); + } + + function arr(address _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c, _d); + } + + function arr(address _a, uint256 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, address _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), _c, _d, _e); + } + + function arr(address _a, address _b, address _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(address _a, address _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(uint256 _a) internal pure returns (uint256[] r) { + r = new uint256[](1); + r[0] = _a; + } + + function arr(uint256 _a, uint256 _b) internal pure returns (uint256[] r) { + r = new uint256[](2); + r[0] = _a; + r[1] = _b; + } + + function arr(uint256 _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + r = new uint256[](3); + r[0] = _a; + r[1] = _b; + r[2] = _c; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + r = new uint256[](4); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + r = new uint256[](5); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + r[4] = _e; + } +} + + +contract ACLHelpers { + function decodeParamOp(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 30)); + } + + function decodeParamId(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 31)); + } + + function decodeParamsList(uint256 _x) internal pure returns (uint32 a, uint32 b, uint32 c) { + a = uint32(_x); + b = uint32(_x >> (8 * 4)); + c = uint32(_x >> (8 * 8)); + } +} +// File: contracts/apps/AragonApp.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + + +// Contracts inheriting from AragonApp are, by default, immediately petrified upon deployment so +// that they can never be initialized. +// Unless overriden, this behaviour enforces those contracts to be usable only behind an AppProxy. +// ACLSyntaxSugar and EVMScriptRunner are not directly used by this contract, but are included so +// that they are automatically usable by subclassing contracts +contract AragonApp is AppStorage, Autopetrified, VaultRecoverable, EVMScriptRunner, ACLSyntaxSugar { + string private constant ERROR_AUTH_FAILED = "APP_AUTH_FAILED"; + + modifier auth(bytes32 _role) { + require(canPerform(msg.sender, _role, new uint256[](0)), ERROR_AUTH_FAILED); + _; + } + + modifier authP(bytes32 _role, uint256[] _params) { + require(canPerform(msg.sender, _role, _params), ERROR_AUTH_FAILED); + _; + } + + /** + * @dev Check whether an action can be performed by a sender for a particular role on this app + * @param _sender Sender of the call + * @param _role Role on this app + * @param _params Permission params for the role + * @return Boolean indicating whether the sender has the permissions to perform the action. + * Always returns false if the app hasn't been initialized yet. + */ + function canPerform(address _sender, bytes32 _role, uint256[] _params) public view returns (bool) { + if (!hasInitialized()) { + return false; + } + + IKernel linkedKernel = kernel(); + if (address(linkedKernel) == address(0)) { + return false; + } + + // Force cast the uint256[] into a bytes array, by overwriting its length + // Note that the bytes array doesn't need to be initialized as we immediately overwrite it + // with _params and a new length, and _params becomes invalid from this point forward + bytes memory how; + uint256 byteLength = _params.length * 32; + assembly { + how := _params + mstore(how, byteLength) + } + return linkedKernel.hasPermission(_sender, address(this), _role, how); + } + + /** + * @dev Get the recovery vault for the app + * @return Recovery vault address for the app + */ + function getRecoveryVault() public view returns (address) { + // Funds recovery via a vault is only available when used with a kernel + return kernel().getRecoveryVault(); // if kernel is not set, it will revert + } +} +// File: contracts/ens/ENSSubdomainRegistrar.sol +/* solium-disable function-order */ +// Allow public initialize() to be first +contract ENSSubdomainRegistrar is AragonApp, ENSConstants { + /* Hardcoded constants to save gas + bytes32 public constant CREATE_NAME_ROLE = keccak256("CREATE_NAME_ROLE"); + bytes32 public constant DELETE_NAME_ROLE = keccak256("DELETE_NAME_ROLE"); + bytes32 public constant POINT_ROOTNODE_ROLE = keccak256("POINT_ROOTNODE_ROLE"); + */ + bytes32 public constant CREATE_NAME_ROLE = 0xf86bc2abe0919ab91ef714b2bec7c148d94f61fdb069b91a6cfe9ecdee1799ba; + bytes32 public constant DELETE_NAME_ROLE = 0x03d74c8724218ad4a99859bcb2d846d39999449fd18013dd8d69096627e68622; + bytes32 public constant POINT_ROOTNODE_ROLE = 0x9ecd0e7bddb2e241c41b595a436c4ea4fd33c9fa0caa8056acf084fc3aa3bfbe; + + string private constant ERROR_NO_NODE_OWNERSHIP = "ENSSUB_NO_NODE_OWNERSHIP"; + string private constant ERROR_NAME_EXISTS = "ENSSUB_NAME_EXISTS"; + string private constant ERROR_NAME_DOESNT_EXIST = "ENSSUB_DOESNT_EXIST"; + + AbstractENS public ens; + bytes32 public rootNode; + + event NewName(bytes32 indexed node, bytes32 indexed label); + event DeleteName(bytes32 indexed node, bytes32 indexed label); + + function initialize(AbstractENS _ens, bytes32 _rootNode) public onlyInit { + initialized(); + + // We need ownership to create subnodes + require(_ens.owner(_rootNode) == address(this), ERROR_NO_NODE_OWNERSHIP); + + ens = _ens; + rootNode = _rootNode; + } + + function createName(bytes32 _label, address _owner) external auth(CREATE_NAME_ROLE) returns (bytes32 node) { + return _createName(_label, _owner); + } + + function createNameAndPoint(bytes32 _label, address _target) external auth(CREATE_NAME_ROLE) returns (bytes32 node) { + node = _createName(_label, this); + _pointToResolverAndResolve(node, _target); + } + + function deleteName(bytes32 _label) external auth(DELETE_NAME_ROLE) { + bytes32 node = getNodeForLabel(_label); + + address currentOwner = ens.owner(node); + + require(currentOwner != address(0), ERROR_NAME_DOESNT_EXIST); // fail if deleting unset name + + if (currentOwner != address(this)) { // needs to reclaim ownership so it can set resolver + ens.setSubnodeOwner(rootNode, _label, this); + } + + ens.setResolver(node, address(0)); // remove resolver so it ends resolving + ens.setOwner(node, address(0)); + + emit DeleteName(node, _label); + } + + function pointRootNode(address _target) external auth(POINT_ROOTNODE_ROLE) { + _pointToResolverAndResolve(rootNode, _target); + } + + function _createName(bytes32 _label, address _owner) internal returns (bytes32 node) { + node = getNodeForLabel(_label); + require(ens.owner(node) == address(0), ERROR_NAME_EXISTS); // avoid name reset + + ens.setSubnodeOwner(rootNode, _label, _owner); + + emit NewName(node, _label); + + return node; + } + + function _pointToResolverAndResolve(bytes32 _node, address _target) internal { + address publicResolver = getAddr(PUBLIC_RESOLVER_NODE); + ens.setResolver(_node, publicResolver); + + PublicResolver(publicResolver).setAddr(_node, _target); + } + + function getAddr(bytes32 node) internal view returns (address) { + address resolver = ens.resolver(node); + return PublicResolver(resolver).addr(node); + } + + function getNodeForLabel(bytes32 _label) internal view returns (bytes32) { + return keccak256(abi.encodePacked(rootNode, _label)); + } +} \ No newline at end of file diff --git a/environments/rinkeby/contracts/aragonOS/EVMScriptRegistryFactory.sol b/environments/rinkeby/contracts/aragonOS/EVMScriptRegistryFactory.sol new file mode 100644 index 0000000..1c7a61f --- /dev/null +++ b/environments/rinkeby/contracts/aragonOS/EVMScriptRegistryFactory.sol @@ -0,0 +1,1888 @@ +pragma solidity 0.4.24; +// File: contracts/evmscript/IEVMScriptExecutor.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IEVMScriptExecutor { + function execScript(bytes script, bytes input, address[] blacklist) external returns (bytes); + function executorType() external pure returns (bytes32); +} +// File: contracts/common/UnstructuredStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +library UnstructuredStorage { + function getStorageBool(bytes32 position) internal view returns (bool data) { + assembly { data := sload(position) } + } + + function getStorageAddress(bytes32 position) internal view returns (address data) { + assembly { data := sload(position) } + } + + function getStorageBytes32(bytes32 position) internal view returns (bytes32 data) { + assembly { data := sload(position) } + } + + function getStorageUint256(bytes32 position) internal view returns (uint256 data) { + assembly { data := sload(position) } + } + + function setStorageBool(bytes32 position, bool data) internal { + assembly { sstore(position, data) } + } + + function setStorageAddress(bytes32 position, address data) internal { + assembly { sstore(position, data) } + } + + function setStorageBytes32(bytes32 position, bytes32 data) internal { + assembly { sstore(position, data) } + } + + function setStorageUint256(bytes32 position, uint256 data) internal { + assembly { sstore(position, data) } + } +} +// File: contracts/acl/IACL.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IACL { + function initialize(address permissionsCreator) external; + + // TODO: this should be external + // See https://github.com/ethereum/solidity/issues/4832 + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); +} +// File: contracts/common/IVaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IVaultRecoverable { + function transferToVault(address token) external; + + function allowRecoverability(address token) external view returns (bool); + function getRecoveryVault() external view returns (address); +} +// File: contracts/kernel/IKernel.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +// This should be an interface, but interfaces can't inherit yet :( +contract IKernel is IVaultRecoverable { + event SetApp(bytes32 indexed namespace, bytes32 indexed appId, address app); + + function acl() public view returns (IACL); + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); + + function setApp(bytes32 namespace, bytes32 appId, address app) public; + function getApp(bytes32 namespace, bytes32 appId) public view returns (address); +} +// File: contracts/apps/AppStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract AppStorage { + using UnstructuredStorage for bytes32; + + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_POSITION = keccak256("aragonOS.appStorage.kernel"); + bytes32 internal constant APP_ID_POSITION = keccak256("aragonOS.appStorage.appId"); + */ + bytes32 internal constant KERNEL_POSITION = 0x4172f0f7d2289153072b0a6ca36959e0cbe2efc3afe50fc81636caa96338137b; + bytes32 internal constant APP_ID_POSITION = 0xd625496217aa6a3453eecb9c3489dc5a53e6c67b444329ea2b2cbc9ff547639b; + + function kernel() public view returns (IKernel) { + return IKernel(KERNEL_POSITION.getStorageAddress()); + } + + function appId() public view returns (bytes32) { + return APP_ID_POSITION.getStorageBytes32(); + } + + function setKernel(IKernel _kernel) internal { + KERNEL_POSITION.setStorageAddress(address(_kernel)); + } + + function setAppId(bytes32 _appId) internal { + APP_ID_POSITION.setStorageBytes32(_appId); + } +} +// File: contracts/common/Uint256Helpers.sol +library Uint256Helpers { + uint256 private constant MAX_UINT64 = uint64(-1); + + string private constant ERROR_NUMBER_TOO_BIG = "UINT64_NUMBER_TOO_BIG"; + + function toUint64(uint256 a) internal pure returns (uint64) { + require(a <= MAX_UINT64, ERROR_NUMBER_TOO_BIG); + return uint64(a); + } +} +// File: contracts/common/TimeHelpers.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract TimeHelpers { + using Uint256Helpers for uint256; + + /** + * @dev Returns the current block number. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber() internal view returns (uint256) { + return block.number; + } + + /** + * @dev Returns the current block number, converted to uint64. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber64() internal view returns (uint64) { + return getBlockNumber().toUint64(); + } + + /** + * @dev Returns the current timestamp. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp() internal view returns (uint256) { + return block.timestamp; // solium-disable-line security/no-block-members + } + + /** + * @dev Returns the current timestamp, converted to uint64. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp64() internal view returns (uint64) { + return getTimestamp().toUint64(); + } +} +// File: contracts/common/Initializable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract Initializable is TimeHelpers { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.initializable.initializationBlock") + bytes32 internal constant INITIALIZATION_BLOCK_POSITION = 0xebb05b386a8d34882b8711d156f463690983dc47815980fb82aeeff1aa43579e; + + string private constant ERROR_ALREADY_INITIALIZED = "INIT_ALREADY_INITIALIZED"; + string private constant ERROR_NOT_INITIALIZED = "INIT_NOT_INITIALIZED"; + + modifier onlyInit { + require(getInitializationBlock() == 0, ERROR_ALREADY_INITIALIZED); + _; + } + + modifier isInitialized { + require(hasInitialized(), ERROR_NOT_INITIALIZED); + _; + } + + /** + * @return Block number in which the contract was initialized + */ + function getInitializationBlock() public view returns (uint256) { + return INITIALIZATION_BLOCK_POSITION.getStorageUint256(); + } + + /** + * @return Whether the contract has been initialized by the time of the current block + */ + function hasInitialized() public view returns (bool) { + uint256 initializationBlock = getInitializationBlock(); + return initializationBlock != 0 && getBlockNumber() >= initializationBlock; + } + + /** + * @dev Function to be called by top level contract after initialization has finished. + */ + function initialized() internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(getBlockNumber()); + } + + /** + * @dev Function to be called by top level contract after initialization to enable the contract + * at a future block number rather than immediately. + */ + function initializedAt(uint256 _blockNumber) internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(_blockNumber); + } +} +// File: contracts/common/Petrifiable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract Petrifiable is Initializable { + // Use block UINT256_MAX (which should be never) as the initializable date + uint256 internal constant PETRIFIED_BLOCK = uint256(-1); + + function isPetrified() public view returns (bool) { + return getInitializationBlock() == PETRIFIED_BLOCK; + } + + /** + * @dev Function to be called by top level contract to prevent being initialized. + * Useful for freezing base contracts when they're used behind proxies. + */ + function petrify() internal onlyInit { + initializedAt(PETRIFIED_BLOCK); + } +} +// File: contracts/common/Autopetrified.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract Autopetrified is Petrifiable { + constructor() public { + // Immediately petrify base (non-proxy) instances of inherited contracts on deploy. + // This renders them uninitializable (and unusable without a proxy). + petrify(); + } +} +// File: contracts/lib/token/ERC20.sol +// See https://github.com/OpenZeppelin/openzeppelin-solidity/blob/a9f910d34f0ab33a1ae5e714f69f9596a02b4d91/contracts/token/ERC20/ERC20.sol + +pragma solidity ^0.4.24; + + +/** + * @title ERC20 interface + * @dev see https://github.com/ethereum/EIPs/issues/20 + */ +contract ERC20 { + function totalSupply() public view returns (uint256); + + function balanceOf(address _who) public view returns (uint256); + + function allowance(address _owner, address _spender) + public view returns (uint256); + + function transfer(address _to, uint256 _value) public returns (bool); + + function approve(address _spender, uint256 _value) + public returns (bool); + + function transferFrom(address _from, address _to, uint256 _value) + public returns (bool); + + event Transfer( + address indexed from, + address indexed to, + uint256 value + ); + + event Approval( + address indexed owner, + address indexed spender, + uint256 value + ); +} +// File: contracts/common/EtherTokenConstant.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +// aragonOS and aragon-apps rely on address(0) to denote native ETH, in +// contracts where both tokens and ETH are accepted +contract EtherTokenConstant { + address internal constant ETH = address(0); +} +// File: contracts/common/IsContract.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract IsContract { + /* + * NOTE: this should NEVER be used for authentication + * (see pitfalls: https://github.com/fergarrui/ethereum-security/tree/master/contracts/extcodesize). + * + * This is only intended to be used as a sanity check that an address is actually a contract, + * RATHER THAN an address not being a contract. + */ + function isContract(address _target) internal view returns (bool) { + if (_target == address(0)) { + return false; + } + + uint256 size; + assembly { size := extcodesize(_target) } + return size > 0; + } +} +// File: contracts/common/VaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + +contract VaultRecoverable is IVaultRecoverable, EtherTokenConstant, IsContract { + string private constant ERROR_DISALLOWED = "RECOVER_DISALLOWED"; + string private constant ERROR_VAULT_NOT_CONTRACT = "RECOVER_VAULT_NOT_CONTRACT"; + + /** + * @notice Send funds to recovery Vault. This contract should never receive funds, + * but in case it does, this function allows one to recover them. + * @param _token Token balance to be sent to recovery vault. + */ + function transferToVault(address _token) external { + require(allowRecoverability(_token), ERROR_DISALLOWED); + address vault = getRecoveryVault(); + require(isContract(vault), ERROR_VAULT_NOT_CONTRACT); + + if (_token == ETH) { + vault.transfer(address(this).balance); + } else { + uint256 amount = ERC20(_token).balanceOf(this); + ERC20(_token).transfer(vault, amount); + } + } + + /** + * @dev By default deriving from AragonApp makes it recoverable + * @param token Token address that would be recovered + * @return bool whether the app allows the recovery + */ + function allowRecoverability(address token) public view returns (bool) { + return true; + } + + // Cast non-implemented interface to be public so we can use it internally + function getRecoveryVault() public view returns (address); +} +// File: contracts/evmscript/IEVMScriptRegistry.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract EVMScriptRegistryConstants { + /* Hardcoded constants to save gas + bytes32 internal constant EVMSCRIPT_REGISTRY_APP_ID = apmNamehash("evmreg"); + */ + bytes32 internal constant EVMSCRIPT_REGISTRY_APP_ID = 0xddbcfd564f642ab5627cf68b9b7d374fb4f8a36e941a75d89c87998cef03bd61; +} + + +interface IEVMScriptRegistry { + function addScriptExecutor(IEVMScriptExecutor executor) external returns (uint id); + function disableScriptExecutor(uint256 executorId) external; + + // TODO: this should be external + // See https://github.com/ethereum/solidity/issues/4832 + function getScriptExecutor(bytes script) public view returns (IEVMScriptExecutor); +} +// File: contracts/kernel/KernelConstants.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract KernelAppIds { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_APP_ID = apmNamehash("kernel"); + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = apmNamehash("acl"); + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = apmNamehash("vault"); + */ + bytes32 internal constant KERNEL_CORE_APP_ID = 0x3b4bf6bf3ad5000ecf0f989d5befde585c6860fea3e574a4fab4c49d1c177d9c; + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = 0xe3262375f45a6e2026b7e7b18c2b807434f2508fe1a2a3dfb493c7df8f4aad6a; + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = 0x7e852e0fcfce6551c13800f1e7476f982525c2b5277ba14b24339c68416336d1; +} + + +contract KernelNamespaceConstants { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_NAMESPACE = keccak256("core"); + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = keccak256("base"); + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = keccak256("app"); + */ + bytes32 internal constant KERNEL_CORE_NAMESPACE = 0xc681a85306374a5ab27f0bbc385296a54bcd314a1948b6cf61c4ea1bc44bb9f8; + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = 0xf1f3eb40f5bc1ad1344716ced8b8a0431d840b5783aea1fd01786bc26f35ac0f; + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = 0xd6f028ca0e8edb4a8c9757ca4fdccab25fa1e0317da1188108f7d2dee14902fb; +} +// File: contracts/evmscript/EVMScriptRunner.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + + +contract EVMScriptRunner is AppStorage, Initializable, EVMScriptRegistryConstants, KernelNamespaceConstants { + string private constant ERROR_EXECUTOR_UNAVAILABLE = "EVMRUN_EXECUTOR_UNAVAILABLE"; + string private constant ERROR_EXECUTION_REVERTED = "EVMRUN_EXECUTION_REVERTED"; + string private constant ERROR_PROTECTED_STATE_MODIFIED = "EVMRUN_PROTECTED_STATE_MODIFIED"; + + event ScriptResult(address indexed executor, bytes script, bytes input, bytes returnData); + + function getEVMScriptExecutor(bytes _script) public view returns (IEVMScriptExecutor) { + return IEVMScriptExecutor(getEVMScriptRegistry().getScriptExecutor(_script)); + } + + function getEVMScriptRegistry() public view returns (IEVMScriptRegistry) { + address registryAddr = kernel().getApp(KERNEL_APP_ADDR_NAMESPACE, EVMSCRIPT_REGISTRY_APP_ID); + return IEVMScriptRegistry(registryAddr); + } + + function runScript(bytes _script, bytes _input, address[] _blacklist) + internal + isInitialized + protectState + returns (bytes) + { + // TODO: Too much data flying around, maybe extracting spec id here is cheaper + IEVMScriptExecutor executor = getEVMScriptExecutor(_script); + require(address(executor) != address(0), ERROR_EXECUTOR_UNAVAILABLE); + + bytes4 sig = executor.execScript.selector; + bytes memory data = abi.encodeWithSelector(sig, _script, _input, _blacklist); + require(address(executor).delegatecall(data), ERROR_EXECUTION_REVERTED); + + bytes memory output = returnedDataDecoded(); + + emit ScriptResult(address(executor), _script, _input, output); + + return output; + } + + /** + * @dev copies and returns last's call data. Needs to ABI decode first + */ + function returnedDataDecoded() internal pure returns (bytes ret) { + assembly { + let size := returndatasize + switch size + case 0 {} + default { + ret := mload(0x40) // free mem ptr get + mstore(0x40, add(ret, add(size, 0x20))) // free mem ptr set + returndatacopy(ret, 0x20, sub(size, 0x20)) // copy return data + } + } + return ret; + } + + modifier protectState { + address preKernel = address(kernel()); + bytes32 preAppId = appId(); + _; // exec + require(address(kernel()) == preKernel, ERROR_PROTECTED_STATE_MODIFIED); + require(appId() == preAppId, ERROR_PROTECTED_STATE_MODIFIED); + } +} +// File: contracts/acl/ACLSyntaxSugar.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ACLSyntaxSugar { + function arr() internal pure returns (uint256[]) {} + + function arr(bytes32 _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(bytes32 _a, bytes32 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(address _a, address _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c); + } + + function arr(address _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c, _d); + } + + function arr(address _a, uint256 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, address _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), _c, _d, _e); + } + + function arr(address _a, address _b, address _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(address _a, address _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(uint256 _a) internal pure returns (uint256[] r) { + r = new uint256[](1); + r[0] = _a; + } + + function arr(uint256 _a, uint256 _b) internal pure returns (uint256[] r) { + r = new uint256[](2); + r[0] = _a; + r[1] = _b; + } + + function arr(uint256 _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + r = new uint256[](3); + r[0] = _a; + r[1] = _b; + r[2] = _c; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + r = new uint256[](4); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + r = new uint256[](5); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + r[4] = _e; + } +} + + +contract ACLHelpers { + function decodeParamOp(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 30)); + } + + function decodeParamId(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 31)); + } + + function decodeParamsList(uint256 _x) internal pure returns (uint32 a, uint32 b, uint32 c) { + a = uint32(_x); + b = uint32(_x >> (8 * 4)); + c = uint32(_x >> (8 * 8)); + } +} +// File: contracts/apps/AragonApp.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + + +// Contracts inheriting from AragonApp are, by default, immediately petrified upon deployment so +// that they can never be initialized. +// Unless overriden, this behaviour enforces those contracts to be usable only behind an AppProxy. +// ACLSyntaxSugar and EVMScriptRunner are not directly used by this contract, but are included so +// that they are automatically usable by subclassing contracts +contract AragonApp is AppStorage, Autopetrified, VaultRecoverable, EVMScriptRunner, ACLSyntaxSugar { + string private constant ERROR_AUTH_FAILED = "APP_AUTH_FAILED"; + + modifier auth(bytes32 _role) { + require(canPerform(msg.sender, _role, new uint256[](0)), ERROR_AUTH_FAILED); + _; + } + + modifier authP(bytes32 _role, uint256[] _params) { + require(canPerform(msg.sender, _role, _params), ERROR_AUTH_FAILED); + _; + } + + /** + * @dev Check whether an action can be performed by a sender for a particular role on this app + * @param _sender Sender of the call + * @param _role Role on this app + * @param _params Permission params for the role + * @return Boolean indicating whether the sender has the permissions to perform the action. + * Always returns false if the app hasn't been initialized yet. + */ + function canPerform(address _sender, bytes32 _role, uint256[] _params) public view returns (bool) { + if (!hasInitialized()) { + return false; + } + + IKernel linkedKernel = kernel(); + if (address(linkedKernel) == address(0)) { + return false; + } + + // Force cast the uint256[] into a bytes array, by overwriting its length + // Note that the bytes array doesn't need to be initialized as we immediately overwrite it + // with _params and a new length, and _params becomes invalid from this point forward + bytes memory how; + uint256 byteLength = _params.length * 32; + assembly { + how := _params + mstore(how, byteLength) + } + return linkedKernel.hasPermission(_sender, address(this), _role, how); + } + + /** + * @dev Get the recovery vault for the app + * @return Recovery vault address for the app + */ + function getRecoveryVault() public view returns (address) { + // Funds recovery via a vault is only available when used with a kernel + return kernel().getRecoveryVault(); // if kernel is not set, it will revert + } +} +// File: contracts/evmscript/ScriptHelpers.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +library ScriptHelpers { + function getSpecId(bytes _script) internal pure returns (uint32) { + return uint32At(_script, 0); + } + + function uint256At(bytes _data, uint256 _location) internal pure returns (uint256 result) { + assembly { + result := mload(add(_data, add(0x20, _location))) + } + } + + function addressAt(bytes _data, uint256 _location) internal pure returns (address result) { + uint256 word = uint256At(_data, _location); + + assembly { + result := div(and(word, 0xffffffffffffffffffffffffffffffffffffffff000000000000000000000000), + 0x1000000000000000000000000) + } + } + + function uint32At(bytes _data, uint256 _location) internal pure returns (uint32 result) { + uint256 word = uint256At(_data, _location); + + assembly { + result := div(and(word, 0xffffffff00000000000000000000000000000000000000000000000000000000), + 0x100000000000000000000000000000000000000000000000000000000) + } + } + + function locationOf(bytes _data, uint256 _location) internal pure returns (uint256 result) { + assembly { + result := add(_data, add(0x20, _location)) + } + } + + function toBytes(bytes4 _sig) internal pure returns (bytes) { + bytes memory payload = new bytes(4); + assembly { mstore(add(payload, 0x20), _sig) } + return payload; + } +} +// File: contracts/evmscript/EVMScriptRegistry.sol +/* solium-disable function-order */ +// Allow public initialize() to be first +contract EVMScriptRegistry is IEVMScriptRegistry, EVMScriptRegistryConstants, AragonApp { + using ScriptHelpers for bytes; + + /* Hardcoded constants to save gas + bytes32 public constant REGISTRY_ADD_EXECUTOR_ROLE = keccak256("REGISTRY_ADD_EXECUTOR_ROLE"); + bytes32 public constant REGISTRY_MANAGER_ROLE = keccak256("REGISTRY_MANAGER_ROLE"); + */ + bytes32 public constant REGISTRY_ADD_EXECUTOR_ROLE = 0xc4e90f38eea8c4212a009ca7b8947943ba4d4a58d19b683417f65291d1cd9ed2; + // WARN: Manager can censor all votes and the like happening in an org + bytes32 public constant REGISTRY_MANAGER_ROLE = 0xf7a450ef335e1892cb42c8ca72e7242359d7711924b75db5717410da3f614aa3; + + string private constant ERROR_INEXISTENT_EXECUTOR = "EVMREG_INEXISTENT_EXECUTOR"; + string private constant ERROR_EXECUTOR_ENABLED = "EVMREG_EXECUTOR_ENABLED"; + string private constant ERROR_EXECUTOR_DISABLED = "EVMREG_EXECUTOR_DISABLED"; + + struct ExecutorEntry { + IEVMScriptExecutor executor; + bool enabled; + } + + uint256 private executorsNextIndex; + mapping (uint256 => ExecutorEntry) public executors; + + event EnableExecutor(uint256 indexed executorId, address indexed executorAddress); + event DisableExecutor(uint256 indexed executorId, address indexed executorAddress); + + modifier executorExists(uint256 _executorId) { + require(_executorId > 0 && _executorId < executorsNextIndex, ERROR_INEXISTENT_EXECUTOR); + _; + } + + /** + * @notice Initialize the registry + */ + function initialize() public onlyInit { + initialized(); + // Create empty record to begin executor IDs at 1 + executorsNextIndex = 1; + } + + /** + * @notice Add a new script executor with address `_executor` to the registry + * @param _executor Address of the IEVMScriptExecutor that will be added to the registry + * @return id Identifier of the executor in the registry + */ + function addScriptExecutor(IEVMScriptExecutor _executor) external auth(REGISTRY_ADD_EXECUTOR_ROLE) returns (uint256 id) { + uint256 executorId = executorsNextIndex++; + executors[executorId] = ExecutorEntry(_executor, true); + emit EnableExecutor(executorId, _executor); + return executorId; + } + + /** + * @notice Disable script executor with ID `_executorId` + * @param _executorId Identifier of the executor in the registry + */ + function disableScriptExecutor(uint256 _executorId) + external + authP(REGISTRY_MANAGER_ROLE, arr(_executorId)) + { + // Note that we don't need to check for an executor's existence in this case, as only + // existing executors can be enabled + ExecutorEntry storage executorEntry = executors[_executorId]; + require(executorEntry.enabled, ERROR_EXECUTOR_DISABLED); + executorEntry.enabled = false; + emit DisableExecutor(_executorId, executorEntry.executor); + } + + /** + * @notice Enable script executor with ID `_executorId` + * @param _executorId Identifier of the executor in the registry + */ + function enableScriptExecutor(uint256 _executorId) + external + authP(REGISTRY_MANAGER_ROLE, arr(_executorId)) + executorExists(_executorId) + { + ExecutorEntry storage executorEntry = executors[_executorId]; + require(!executorEntry.enabled, ERROR_EXECUTOR_ENABLED); + executorEntry.enabled = true; + emit EnableExecutor(_executorId, executorEntry.executor); + } + + /** + * @dev Get the script executor that can execute a particular script based on its first 4 bytes + * @param _script EVMScript being inspected + */ + function getScriptExecutor(bytes _script) public view returns (IEVMScriptExecutor) { + uint256 id = _script.getSpecId(); + + // Note that we don't need to check for an executor's existence in this case, as only + // existing executors can be enabled + ExecutorEntry storage entry = executors[id]; + return entry.enabled ? entry.executor : IEVMScriptExecutor(0); + } +} +// File: contracts/evmscript/executors/BaseEVMScriptExecutor.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract BaseEVMScriptExecutor is IEVMScriptExecutor, Autopetrified { + uint256 internal constant SCRIPT_START_LOCATION = 4; +} +// File: contracts/evmscript/executors/CallsScript.sol +// Inspired by https://github.com/reverendus/tx-manager + + + + +contract CallsScript is BaseEVMScriptExecutor { + using ScriptHelpers for bytes; + + /* Hardcoded constants to save gas + bytes32 internal constant EXECUTOR_TYPE = keccak256("CALLS_SCRIPT"); + */ + bytes32 internal constant EXECUTOR_TYPE = 0x2dc858a00f3e417be1394b87c07158e989ec681ce8cc68a9093680ac1a870302; + + string private constant ERROR_BLACKLISTED_CALL = "EVMCALLS_BLACKLISTED_CALL"; + string private constant ERROR_INVALID_LENGTH = "EVMCALLS_INVALID_LENGTH"; + string private constant ERROR_CALL_REVERTED = "EVMCALLS_CALL_REVERTED"; + + event LogScriptCall(address indexed sender, address indexed src, address indexed dst); + + /** + * @notice Executes a number of call scripts + * @param _script [ specId (uint32) ] many calls with this structure -> + * [ to (address: 20 bytes) ] [ calldataLength (uint32: 4 bytes) ] [ calldata (calldataLength bytes) ] + * @param _blacklist Addresses the script cannot call to, or will revert. + * @return always returns empty byte array + */ + function execScript(bytes _script, bytes, address[] _blacklist) external isInitialized returns (bytes) { + uint256 location = SCRIPT_START_LOCATION; // first 32 bits are spec id + while (location < _script.length) { + address contractAddress = _script.addressAt(location); + // Check address being called is not blacklist + for (uint i = 0; i < _blacklist.length; i++) { + require(contractAddress != _blacklist[i], ERROR_BLACKLISTED_CALL); + } + + // logged before execution to ensure event ordering in receipt + // if failed entire execution is reverted regardless + emit LogScriptCall(msg.sender, address(this), contractAddress); + + uint256 calldataLength = uint256(_script.uint32At(location + 0x14)); + uint256 startOffset = location + 0x14 + 0x04; + uint256 calldataStart = _script.locationOf(startOffset); + + // compute end of script / next location + location = startOffset + calldataLength; + require(location <= _script.length, ERROR_INVALID_LENGTH); + + bool success; + assembly { + success := call(sub(gas, 5000), contractAddress, 0, calldataStart, calldataLength, 0, 0) + } + + require(success, ERROR_CALL_REVERTED); + } + } + + function executorType() external pure returns (bytes32) { + return EXECUTOR_TYPE; + } +} +// File: contracts/lib/misc/ERCProxy.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ERCProxy { + uint256 internal constant FORWARDING = 1; + uint256 internal constant UPGRADEABLE = 2; + + function proxyType() public pure returns (uint256 proxyTypeId); + function implementation() public view returns (address codeAddr); +} +// File: contracts/common/DelegateProxy.sol +contract DelegateProxy is ERCProxy, IsContract { + uint256 internal constant FWD_GAS_LIMIT = 10000; + + /** + * @dev Performs a delegatecall and returns whatever the delegatecall returned (entire context execution will return!) + * @param _dst Destination address to perform the delegatecall + * @param _calldata Calldata for the delegatecall + */ + function delegatedFwd(address _dst, bytes _calldata) internal { + require(isContract(_dst)); + uint256 fwdGasLimit = FWD_GAS_LIMIT; + + assembly { + let result := delegatecall(sub(gas, fwdGasLimit), _dst, add(_calldata, 0x20), mload(_calldata), 0, 0) + let size := returndatasize + let ptr := mload(0x40) + returndatacopy(ptr, 0, size) + + // revert instead of invalid() bc if the underlying call failed with invalid() it already wasted gas. + // if the call returned error data, forward it + switch result case 0 { revert(ptr, size) } + default { return(ptr, size) } + } + } +} +// File: contracts/common/DepositableStorage.sol +contract DepositableStorage { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.depositableStorage.depositable") + bytes32 internal constant DEPOSITABLE_POSITION = 0x665fd576fbbe6f247aff98f5c94a561e3f71ec2d3c988d56f12d342396c50cea; + + function isDepositable() public view returns (bool) { + return DEPOSITABLE_POSITION.getStorageBool(); + } + + function setDepositable(bool _depositable) internal { + DEPOSITABLE_POSITION.setStorageBool(_depositable); + } +} +// File: contracts/common/DepositableDelegateProxy.sol +contract DepositableDelegateProxy is DepositableStorage, DelegateProxy { + event ProxyDeposit(address sender, uint256 value); + + function () external payable { + // send / transfer + if (gasleft() < FWD_GAS_LIMIT) { + require(msg.value > 0 && msg.data.length == 0); + require(isDepositable()); + emit ProxyDeposit(msg.sender, msg.value); + } else { // all calls except for send or transfer + address target = implementation(); + delegatedFwd(target, msg.data); + } + } +} +// File: contracts/apps/AppProxyBase.sol +contract AppProxyBase is AppStorage, DepositableDelegateProxy, KernelNamespaceConstants { + /** + * @dev Initialize AppProxy + * @param _kernel Reference to organization kernel for the app + * @param _appId Identifier for app + * @param _initializePayload Payload for call to be made after setup to initialize + */ + constructor(IKernel _kernel, bytes32 _appId, bytes _initializePayload) public { + setKernel(_kernel); + setAppId(_appId); + + // Implicit check that kernel is actually a Kernel + // The EVM doesn't actually provide a way for us to make sure, but we can force a revert to + // occur if the kernel is set to 0x0 or a non-code address when we try to call a method on + // it. + address appCode = getAppBase(_appId); + + // If initialize payload is provided, it will be executed + if (_initializePayload.length > 0) { + require(isContract(appCode)); + // Cannot make delegatecall as a delegateproxy.delegatedFwd as it + // returns ending execution context and halts contract deployment + require(appCode.delegatecall(_initializePayload)); + } + } + + function getAppBase(bytes32 _appId) internal view returns (address) { + return kernel().getApp(KERNEL_APP_BASES_NAMESPACE, _appId); + } +} +// File: contracts/apps/AppProxyUpgradeable.sol +contract AppProxyUpgradeable is AppProxyBase { + /** + * @dev Initialize AppProxyUpgradeable (makes it an upgradeable Aragon app) + * @param _kernel Reference to organization kernel for the app + * @param _appId Identifier for app + * @param _initializePayload Payload for call to be made after setup to initialize + */ + constructor(IKernel _kernel, bytes32 _appId, bytes _initializePayload) + AppProxyBase(_kernel, _appId, _initializePayload) + public // solium-disable-line visibility-first + { + + } + + /** + * @dev ERC897, the address the proxy would delegate calls to + */ + function implementation() public view returns (address) { + return getAppBase(appId()); + } + + /** + * @dev ERC897, whether it is a forwarding (1) or an upgradeable (2) proxy + */ + function proxyType() public pure returns (uint256 proxyTypeId) { + return UPGRADEABLE; + } +} +// File: contracts/apps/AppProxyPinned.sol +contract AppProxyPinned is IsContract, AppProxyBase { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.appStorage.pinnedCode") + bytes32 internal constant PINNED_CODE_POSITION = 0xdee64df20d65e53d7f51cb6ab6d921a0a6a638a91e942e1d8d02df28e31c038e; + + /** + * @dev Initialize AppProxyPinned (makes it an un-upgradeable Aragon app) + * @param _kernel Reference to organization kernel for the app + * @param _appId Identifier for app + * @param _initializePayload Payload for call to be made after setup to initialize + */ + constructor(IKernel _kernel, bytes32 _appId, bytes _initializePayload) + AppProxyBase(_kernel, _appId, _initializePayload) + public // solium-disable-line visibility-first + { + setPinnedCode(getAppBase(_appId)); + require(isContract(pinnedCode())); + } + + /** + * @dev ERC897, the address the proxy would delegate calls to + */ + function implementation() public view returns (address) { + return pinnedCode(); + } + + /** + * @dev ERC897, whether it is a forwarding (1) or an upgradeable (2) proxy + */ + function proxyType() public pure returns (uint256 proxyTypeId) { + return FORWARDING; + } + + function setPinnedCode(address _pinnedCode) internal { + PINNED_CODE_POSITION.setStorageAddress(_pinnedCode); + } + + function pinnedCode() internal view returns (address) { + return PINNED_CODE_POSITION.getStorageAddress(); + } +} +// File: contracts/factory/AppProxyFactory.sol +contract AppProxyFactory { + event NewAppProxy(address proxy, bool isUpgradeable, bytes32 appId); + + function newAppProxy(IKernel _kernel, bytes32 _appId) public returns (AppProxyUpgradeable) { + return newAppProxy(_kernel, _appId, new bytes(0)); + } + + function newAppProxy(IKernel _kernel, bytes32 _appId, bytes _initializePayload) public returns (AppProxyUpgradeable) { + AppProxyUpgradeable proxy = new AppProxyUpgradeable(_kernel, _appId, _initializePayload); + emit NewAppProxy(address(proxy), true, _appId); + return proxy; + } + + function newAppProxyPinned(IKernel _kernel, bytes32 _appId) public returns (AppProxyPinned) { + return newAppProxyPinned(_kernel, _appId, new bytes(0)); + } + + function newAppProxyPinned(IKernel _kernel, bytes32 _appId, bytes _initializePayload) public returns (AppProxyPinned) { + AppProxyPinned proxy = new AppProxyPinned(_kernel, _appId, _initializePayload); + emit NewAppProxy(address(proxy), false, _appId); + return proxy; + } +} +// File: contracts/kernel/KernelStorage.sol +contract KernelStorage { + // namespace => app id => address + mapping (bytes32 => mapping (bytes32 => address)) public apps; + bytes32 public recoveryVaultAppId; +} +// File: contracts/kernel/Kernel.sol +// solium-disable-next-line max-len +contract Kernel is IKernel, KernelStorage, KernelAppIds, KernelNamespaceConstants, Petrifiable, IsContract, VaultRecoverable, AppProxyFactory, ACLSyntaxSugar { + /* Hardcoded constants to save gas + bytes32 public constant APP_MANAGER_ROLE = keccak256("APP_MANAGER_ROLE"); + */ + bytes32 public constant APP_MANAGER_ROLE = 0xb6d92708f3d4817afc106147d969e229ced5c46e65e0a5002a0d391287762bd0; + + string private constant ERROR_APP_NOT_CONTRACT = "KERNEL_APP_NOT_CONTRACT"; + string private constant ERROR_INVALID_APP_CHANGE = "KERNEL_INVALID_APP_CHANGE"; + string private constant ERROR_AUTH_FAILED = "KERNEL_AUTH_FAILED"; + + /** + * @dev Constructor that allows the deployer to choose if the base instance should be petrified immediately. + * @param _shouldPetrify Immediately petrify this instance so that it can never be initialized + */ + constructor(bool _shouldPetrify) public { + if (_shouldPetrify) { + petrify(); + } + } + + /** + * @dev Initialize can only be called once. It saves the block number in which it was initialized. + * @notice Initializes a kernel instance along with its ACL and sets `_permissionsCreator` as the entity that can create other permissions + * @param _baseAcl Address of base ACL app + * @param _permissionsCreator Entity that will be given permission over createPermission + */ + function initialize(IACL _baseAcl, address _permissionsCreator) public onlyInit { + initialized(); + + // Set ACL base + _setApp(KERNEL_APP_BASES_NAMESPACE, KERNEL_DEFAULT_ACL_APP_ID, _baseAcl); + + // Create ACL instance and attach it as the default ACL app + IACL acl = IACL(newAppProxy(this, KERNEL_DEFAULT_ACL_APP_ID)); + acl.initialize(_permissionsCreator); + _setApp(KERNEL_APP_ADDR_NAMESPACE, KERNEL_DEFAULT_ACL_APP_ID, acl); + + recoveryVaultAppId = KERNEL_DEFAULT_VAULT_APP_ID; + } + + /** + * @dev Create a new instance of an app linked to this kernel + * @notice Create a new upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase` + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @return AppProxy instance + */ + function newAppInstance(bytes32 _appId, address _appBase) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + return newAppInstance(_appId, _appBase, new bytes(0), false); + } + + /** + * @dev Create a new instance of an app linked to this kernel and set its base + * implementation if it was not already set + * @notice Create a new upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase`. `_setDefault ? 'Also sets it as the default app instance.':''` + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @param _initializePayload Payload for call made by the proxy during its construction to initialize + * @param _setDefault Whether the app proxy app is the default one. + * Useful when the Kernel needs to know of an instance of a particular app, + * like Vault for escape hatch mechanism. + * @return AppProxy instance + */ + function newAppInstance(bytes32 _appId, address _appBase, bytes _initializePayload, bool _setDefault) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + _setAppIfNew(KERNEL_APP_BASES_NAMESPACE, _appId, _appBase); + appProxy = newAppProxy(this, _appId, _initializePayload); + // By calling setApp directly and not the internal functions, we make sure the params are checked + // and it will only succeed if sender has permissions to set something to the namespace. + if (_setDefault) { + setApp(KERNEL_APP_ADDR_NAMESPACE, _appId, appProxy); + } + } + + /** + * @dev Create a new pinned instance of an app linked to this kernel + * @notice Create a new non-upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase`. + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @return AppProxy instance + */ + function newPinnedAppInstance(bytes32 _appId, address _appBase) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + return newPinnedAppInstance(_appId, _appBase, new bytes(0), false); + } + + /** + * @dev Create a new pinned instance of an app linked to this kernel and set + * its base implementation if it was not already set + * @notice Create a new non-upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase`. `_setDefault ? 'Also sets it as the default app instance.':''` + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @param _initializePayload Payload for call made by the proxy during its construction to initialize + * @param _setDefault Whether the app proxy app is the default one. + * Useful when the Kernel needs to know of an instance of a particular app, + * like Vault for escape hatch mechanism. + * @return AppProxy instance + */ + function newPinnedAppInstance(bytes32 _appId, address _appBase, bytes _initializePayload, bool _setDefault) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + _setAppIfNew(KERNEL_APP_BASES_NAMESPACE, _appId, _appBase); + appProxy = newAppProxyPinned(this, _appId, _initializePayload); + // By calling setApp directly and not the internal functions, we make sure the params are checked + // and it will only succeed if sender has permissions to set something to the namespace. + if (_setDefault) { + setApp(KERNEL_APP_ADDR_NAMESPACE, _appId, appProxy); + } + } + + /** + * @dev Set the resolving address of an app instance or base implementation + * @notice Set the resolving address of `_appId` in namespace `_namespace` to `_app` + * @param _namespace App namespace to use + * @param _appId Identifier for app + * @param _app Address of the app instance or base implementation + * @return ID of app + */ + function setApp(bytes32 _namespace, bytes32 _appId, address _app) + public + auth(APP_MANAGER_ROLE, arr(_namespace, _appId)) + { + _setApp(_namespace, _appId, _app); + } + + /** + * @dev Set the default vault id for the escape hatch mechanism + * @param _recoveryVaultAppId Identifier of the recovery vault app + */ + function setRecoveryVaultAppId(bytes32 _recoveryVaultAppId) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_ADDR_NAMESPACE, _recoveryVaultAppId)) + { + recoveryVaultAppId = _recoveryVaultAppId; + } + + // External access to default app id and namespace constants to mimic default getters for constants + /* solium-disable function-order, mixedcase */ + function CORE_NAMESPACE() external pure returns (bytes32) { return KERNEL_CORE_NAMESPACE; } + function APP_BASES_NAMESPACE() external pure returns (bytes32) { return KERNEL_APP_BASES_NAMESPACE; } + function APP_ADDR_NAMESPACE() external pure returns (bytes32) { return KERNEL_APP_ADDR_NAMESPACE; } + function KERNEL_APP_ID() external pure returns (bytes32) { return KERNEL_CORE_APP_ID; } + function DEFAULT_ACL_APP_ID() external pure returns (bytes32) { return KERNEL_DEFAULT_ACL_APP_ID; } + /* solium-enable function-order, mixedcase */ + + /** + * @dev Get the address of an app instance or base implementation + * @param _namespace App namespace to use + * @param _appId Identifier for app + * @return Address of the app + */ + function getApp(bytes32 _namespace, bytes32 _appId) public view returns (address) { + return apps[_namespace][_appId]; + } + + /** + * @dev Get the address of the recovery Vault instance (to recover funds) + * @return Address of the Vault + */ + function getRecoveryVault() public view returns (address) { + return apps[KERNEL_APP_ADDR_NAMESPACE][recoveryVaultAppId]; + } + + /** + * @dev Get the installed ACL app + * @return ACL app + */ + function acl() public view returns (IACL) { + return IACL(getApp(KERNEL_APP_ADDR_NAMESPACE, KERNEL_DEFAULT_ACL_APP_ID)); + } + + /** + * @dev Function called by apps to check ACL on kernel or to check permission status + * @param _who Sender of the original call + * @param _where Address of the app + * @param _what Identifier for a group of actions in app + * @param _how Extra data for ACL auth + * @return Boolean indicating whether the ACL allows the role or not. + * Always returns false if the kernel hasn't been initialized yet. + */ + function hasPermission(address _who, address _where, bytes32 _what, bytes _how) public view returns (bool) { + IACL defaultAcl = acl(); + return address(defaultAcl) != address(0) && // Poor man's initialization check (saves gas) + defaultAcl.hasPermission(_who, _where, _what, _how); + } + + function _setApp(bytes32 _namespace, bytes32 _appId, address _app) internal { + require(isContract(_app), ERROR_APP_NOT_CONTRACT); + apps[_namespace][_appId] = _app; + emit SetApp(_namespace, _appId, _app); + } + + function _setAppIfNew(bytes32 _namespace, bytes32 _appId, address _app) internal { + address app = getApp(_namespace, _appId); + if (app != address(0)) { + // The only way to set an app is if it passes the isContract check, so no need to check it again + require(app == _app, ERROR_INVALID_APP_CHANGE); + } else { + _setApp(_namespace, _appId, _app); + } + } + + modifier auth(bytes32 _role, uint256[] memory params) { + // Force cast the uint256[] into a bytes array, by overwriting its length + // Note that the bytes array doesn't need to be initialized as we immediately overwrite it + // with params and a new length, and params becomes invalid from this point forward + bytes memory how; + uint256 byteLength = params.length * 32; + assembly { + how := params + mstore(how, byteLength) + } + + require(hasPermission(msg.sender, address(this), _role, how), ERROR_AUTH_FAILED); + _; + } +} +// File: contracts/acl/IACLOracle.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IACLOracle { + function canPerform(address who, address where, bytes32 what, uint256[] how) external view returns (bool); +} +// File: contracts/acl/ACL.sol +/* solium-disable function-order */ +// Allow public initialize() to be first +contract ACL is IACL, TimeHelpers, AragonApp, ACLHelpers { + /* Hardcoded constants to save gas + bytes32 public constant CREATE_PERMISSIONS_ROLE = keccak256("CREATE_PERMISSIONS_ROLE"); + */ + bytes32 public constant CREATE_PERMISSIONS_ROLE = 0x0b719b33c83b8e5d300c521cb8b54ae9bd933996a14bef8c2f4e0285d2d2400a; + + enum Op { NONE, EQ, NEQ, GT, LT, GTE, LTE, RET, NOT, AND, OR, XOR, IF_ELSE } // op types + + struct Param { + uint8 id; + uint8 op; + uint240 value; // even though value is an uint240 it can store addresses + // in the case of 32 byte hashes losing 2 bytes precision isn't a huge deal + // op and id take less than 1 byte each so it can be kept in 1 sstore + } + + uint8 internal constant BLOCK_NUMBER_PARAM_ID = 200; + uint8 internal constant TIMESTAMP_PARAM_ID = 201; + // 202 is unused + uint8 internal constant ORACLE_PARAM_ID = 203; + uint8 internal constant LOGIC_OP_PARAM_ID = 204; + uint8 internal constant PARAM_VALUE_PARAM_ID = 205; + // TODO: Add execution times param type? + + /* Hardcoded constant to save gas + bytes32 public constant EMPTY_PARAM_HASH = keccak256(uint256(0)); + */ + bytes32 public constant EMPTY_PARAM_HASH = 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563; + bytes32 public constant NO_PERMISSION = bytes32(0); + address public constant ANY_ENTITY = address(-1); + address public constant BURN_ENTITY = address(1); // address(0) is already used as "no permission manager" + + uint256 internal constant ORACLE_CHECK_GAS = 30000; + + string private constant ERROR_AUTH_INIT_KERNEL = "ACL_AUTH_INIT_KERNEL"; + string private constant ERROR_AUTH_NO_MANAGER = "ACL_AUTH_NO_MANAGER"; + string private constant ERROR_EXISTENT_MANAGER = "ACL_EXISTENT_MANAGER"; + + // Whether someone has a permission + mapping (bytes32 => bytes32) internal permissions; // permissions hash => params hash + mapping (bytes32 => Param[]) internal permissionParams; // params hash => params + + // Who is the manager of a permission + mapping (bytes32 => address) internal permissionManager; + + event SetPermission(address indexed entity, address indexed app, bytes32 indexed role, bool allowed); + event SetPermissionParams(address indexed entity, address indexed app, bytes32 indexed role, bytes32 paramsHash); + event ChangePermissionManager(address indexed app, bytes32 indexed role, address indexed manager); + + modifier onlyPermissionManager(address _app, bytes32 _role) { + require(msg.sender == getPermissionManager(_app, _role), ERROR_AUTH_NO_MANAGER); + _; + } + + modifier noPermissionManager(address _app, bytes32 _role) { + // only allow permission creation (or re-creation) when there is no manager + require(getPermissionManager(_app, _role) == address(0), ERROR_EXISTENT_MANAGER); + _; + } + + /** + * @dev Initialize can only be called once. It saves the block number in which it was initialized. + * @notice Initialize an ACL instance and set `_permissionsCreator` as the entity that can create other permissions + * @param _permissionsCreator Entity that will be given permission over createPermission + */ + function initialize(address _permissionsCreator) public onlyInit { + initialized(); + require(msg.sender == address(kernel()), ERROR_AUTH_INIT_KERNEL); + + _createPermission(_permissionsCreator, this, CREATE_PERMISSIONS_ROLE, _permissionsCreator); + } + + /** + * @dev Creates a permission that wasn't previously set and managed. + * If a created permission is removed it is possible to reset it with createPermission. + * This is the **ONLY** way to create permissions and set managers to permissions that don't + * have a manager. + * In terms of the ACL being initialized, this function implicitly protects all the other + * state-changing external functions, as they all require the sender to be a manager. + * @notice Create a new permission granting `_entity` the ability to perform actions requiring `_role` on `_app`, setting `_manager` as the permission's manager + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app in which the role will be allowed (requires app to depend on kernel for ACL) + * @param _role Identifier for the group of actions in app given access to perform + * @param _manager Address of the entity that will be able to grant and revoke the permission further. + */ + function createPermission(address _entity, address _app, bytes32 _role, address _manager) + external + auth(CREATE_PERMISSIONS_ROLE) + noPermissionManager(_app, _role) + { + _createPermission(_entity, _app, _role, _manager); + } + + /** + * @dev Grants permission if allowed. This requires `msg.sender` to be the permission manager + * @notice Grant `_entity` the ability to perform actions requiring `_role` on `_app` + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app in which the role will be allowed (requires app to depend on kernel for ACL) + * @param _role Identifier for the group of actions in app given access to perform + */ + function grantPermission(address _entity, address _app, bytes32 _role) + external + { + grantPermissionP(_entity, _app, _role, new uint256[](0)); + } + + /** + * @dev Grants a permission with parameters if allowed. This requires `msg.sender` to be the permission manager + * @notice Grant `_entity` the ability to perform actions requiring `_role` on `_app` + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app in which the role will be allowed (requires app to depend on kernel for ACL) + * @param _role Identifier for the group of actions in app given access to perform + * @param _params Permission parameters + */ + function grantPermissionP(address _entity, address _app, bytes32 _role, uint256[] _params) + public + onlyPermissionManager(_app, _role) + { + bytes32 paramsHash = _params.length > 0 ? _saveParams(_params) : EMPTY_PARAM_HASH; + _setPermission(_entity, _app, _role, paramsHash); + } + + /** + * @dev Revokes permission if allowed. This requires `msg.sender` to be the the permission manager + * @notice Revoke from `_entity` the ability to perform actions requiring `_role` on `_app` + * @param _entity Address of the whitelisted entity to revoke access from + * @param _app Address of the app in which the role will be revoked + * @param _role Identifier for the group of actions in app being revoked + */ + function revokePermission(address _entity, address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermission(_entity, _app, _role, NO_PERMISSION); + } + + /** + * @notice Set `_newManager` as the manager of `_role` in `_app` + * @param _newManager Address for the new manager + * @param _app Address of the app in which the permission management is being transferred + * @param _role Identifier for the group of actions being transferred + */ + function setPermissionManager(address _newManager, address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermissionManager(_newManager, _app, _role); + } + + /** + * @notice Remove the manager of `_role` in `_app` + * @param _app Address of the app in which the permission is being unmanaged + * @param _role Identifier for the group of actions being unmanaged + */ + function removePermissionManager(address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermissionManager(address(0), _app, _role); + } + + /** + * @notice Burn non-existent `_role` in `_app`, so no modification can be made to it (grant, revoke, permission manager) + * @param _app Address of the app in which the permission is being burned + * @param _role Identifier for the group of actions being burned + */ + function createBurnedPermission(address _app, bytes32 _role) + external + auth(CREATE_PERMISSIONS_ROLE) + noPermissionManager(_app, _role) + { + _setPermissionManager(BURN_ENTITY, _app, _role); + } + + /** + * @notice Burn `_role` in `_app`, so no modification can be made to it (grant, revoke, permission manager) + * @param _app Address of the app in which the permission is being burned + * @param _role Identifier for the group of actions being burned + */ + function burnPermissionManager(address _app, bytes32 _role) + external + onlyPermissionManager(_app, _role) + { + _setPermissionManager(BURN_ENTITY, _app, _role); + } + + /** + * @notice Get parameters for permission array length + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app + * @param _role Identifier for a group of actions in app + * @return Length of the array + */ + function getPermissionParamsLength(address _entity, address _app, bytes32 _role) external view returns (uint) { + return permissionParams[permissions[permissionHash(_entity, _app, _role)]].length; + } + + /** + * @notice Get parameter for permission + * @param _entity Address of the whitelisted entity that will be able to perform the role + * @param _app Address of the app + * @param _role Identifier for a group of actions in app + * @param _index Index of parameter in the array + * @return Parameter (id, op, value) + */ + function getPermissionParam(address _entity, address _app, bytes32 _role, uint _index) + external + view + returns (uint8, uint8, uint240) + { + Param storage param = permissionParams[permissions[permissionHash(_entity, _app, _role)]][_index]; + return (param.id, param.op, param.value); + } + + /** + * @dev Get manager for permission + * @param _app Address of the app + * @param _role Identifier for a group of actions in app + * @return address of the manager for the permission + */ + function getPermissionManager(address _app, bytes32 _role) public view returns (address) { + return permissionManager[roleHash(_app, _role)]; + } + + /** + * @dev Function called by apps to check ACL on kernel or to check permission statu + * @param _who Sender of the original call + * @param _where Address of the app + * @param _where Identifier for a group of actions in app + * @param _how Permission parameters + * @return boolean indicating whether the ACL allows the role or not + */ + function hasPermission(address _who, address _where, bytes32 _what, bytes memory _how) public view returns (bool) { + // Force cast the bytes array into a uint256[], by overwriting its length + // Note that the uint256[] doesn't need to be initialized as we immediately overwrite it + // with _how and a new length, and _how becomes invalid from this point forward + uint256[] memory how; + uint256 intsLength = _how.length / 32; + assembly { + how := _how + mstore(how, intsLength) + } + + return hasPermission(_who, _where, _what, how); + } + + function hasPermission(address _who, address _where, bytes32 _what, uint256[] memory _how) public view returns (bool) { + bytes32 whoParams = permissions[permissionHash(_who, _where, _what)]; + if (whoParams != NO_PERMISSION && evalParams(whoParams, _who, _where, _what, _how)) { + return true; + } + + bytes32 anyParams = permissions[permissionHash(ANY_ENTITY, _where, _what)]; + if (anyParams != NO_PERMISSION && evalParams(anyParams, ANY_ENTITY, _where, _what, _how)) { + return true; + } + + return false; + } + + function hasPermission(address _who, address _where, bytes32 _what) public view returns (bool) { + uint256[] memory empty = new uint256[](0); + return hasPermission(_who, _where, _what, empty); + } + + function evalParams( + bytes32 _paramsHash, + address _who, + address _where, + bytes32 _what, + uint256[] _how + ) public view returns (bool) + { + if (_paramsHash == EMPTY_PARAM_HASH) { + return true; + } + + return _evalParam(_paramsHash, 0, _who, _where, _what, _how); + } + + /** + * @dev Internal createPermission for access inside the kernel (on instantiation) + */ + function _createPermission(address _entity, address _app, bytes32 _role, address _manager) internal { + _setPermission(_entity, _app, _role, EMPTY_PARAM_HASH); + _setPermissionManager(_manager, _app, _role); + } + + /** + * @dev Internal function called to actually save the permission + */ + function _setPermission(address _entity, address _app, bytes32 _role, bytes32 _paramsHash) internal { + permissions[permissionHash(_entity, _app, _role)] = _paramsHash; + bool entityHasPermission = _paramsHash != NO_PERMISSION; + bool permissionHasParams = entityHasPermission && _paramsHash != EMPTY_PARAM_HASH; + + emit SetPermission(_entity, _app, _role, entityHasPermission); + if (permissionHasParams) { + emit SetPermissionParams(_entity, _app, _role, _paramsHash); + } + } + + function _saveParams(uint256[] _encodedParams) internal returns (bytes32) { + bytes32 paramHash = keccak256(abi.encodePacked(_encodedParams)); + Param[] storage params = permissionParams[paramHash]; + + if (params.length == 0) { // params not saved before + for (uint256 i = 0; i < _encodedParams.length; i++) { + uint256 encodedParam = _encodedParams[i]; + Param memory param = Param(decodeParamId(encodedParam), decodeParamOp(encodedParam), uint240(encodedParam)); + params.push(param); + } + } + + return paramHash; + } + + function _evalParam( + bytes32 _paramsHash, + uint32 _paramId, + address _who, + address _where, + bytes32 _what, + uint256[] _how + ) internal view returns (bool) + { + if (_paramId >= permissionParams[_paramsHash].length) { + return false; // out of bounds + } + + Param memory param = permissionParams[_paramsHash][_paramId]; + + if (param.id == LOGIC_OP_PARAM_ID) { + return _evalLogic(param, _paramsHash, _who, _where, _what, _how); + } + + uint256 value; + uint256 comparedTo = uint256(param.value); + + // get value + if (param.id == ORACLE_PARAM_ID) { + value = checkOracle(IACLOracle(param.value), _who, _where, _what, _how) ? 1 : 0; + comparedTo = 1; + } else if (param.id == BLOCK_NUMBER_PARAM_ID) { + value = getBlockNumber(); + } else if (param.id == TIMESTAMP_PARAM_ID) { + value = getTimestamp(); + } else if (param.id == PARAM_VALUE_PARAM_ID) { + value = uint256(param.value); + } else { + if (param.id >= _how.length) { + return false; + } + value = uint256(uint240(_how[param.id])); // force lost precision + } + + if (Op(param.op) == Op.RET) { + return uint256(value) > 0; + } + + return compare(value, Op(param.op), comparedTo); + } + + function _evalLogic(Param _param, bytes32 _paramsHash, address _who, address _where, bytes32 _what, uint256[] _how) + internal + view + returns (bool) + { + if (Op(_param.op) == Op.IF_ELSE) { + uint32 conditionParam; + uint32 successParam; + uint32 failureParam; + + (conditionParam, successParam, failureParam) = decodeParamsList(uint256(_param.value)); + bool result = _evalParam(_paramsHash, conditionParam, _who, _where, _what, _how); + + return _evalParam(_paramsHash, result ? successParam : failureParam, _who, _where, _what, _how); + } + + uint32 param1; + uint32 param2; + + (param1, param2,) = decodeParamsList(uint256(_param.value)); + bool r1 = _evalParam(_paramsHash, param1, _who, _where, _what, _how); + + if (Op(_param.op) == Op.NOT) { + return !r1; + } + + if (r1 && Op(_param.op) == Op.OR) { + return true; + } + + if (!r1 && Op(_param.op) == Op.AND) { + return false; + } + + bool r2 = _evalParam(_paramsHash, param2, _who, _where, _what, _how); + + if (Op(_param.op) == Op.XOR) { + return r1 != r2; + } + + return r2; // both or and and depend on result of r2 after checks + } + + function compare(uint256 _a, Op _op, uint256 _b) internal pure returns (bool) { + if (_op == Op.EQ) return _a == _b; // solium-disable-line lbrace + if (_op == Op.NEQ) return _a != _b; // solium-disable-line lbrace + if (_op == Op.GT) return _a > _b; // solium-disable-line lbrace + if (_op == Op.LT) return _a < _b; // solium-disable-line lbrace + if (_op == Op.GTE) return _a >= _b; // solium-disable-line lbrace + if (_op == Op.LTE) return _a <= _b; // solium-disable-line lbrace + return false; + } + + function checkOracle(IACLOracle _oracleAddr, address _who, address _where, bytes32 _what, uint256[] _how) internal view returns (bool) { + bytes4 sig = _oracleAddr.canPerform.selector; + + // a raw call is required so we can return false if the call reverts, rather than reverting + bytes memory checkCalldata = abi.encodeWithSelector(sig, _who, _where, _what, _how); + uint256 oracleCheckGas = ORACLE_CHECK_GAS; + + bool ok; + assembly { + ok := staticcall(oracleCheckGas, _oracleAddr, add(checkCalldata, 0x20), mload(checkCalldata), 0, 0) + } + + if (!ok) { + return false; + } + + uint256 size; + assembly { size := returndatasize } + if (size != 32) { + return false; + } + + bool result; + assembly { + let ptr := mload(0x40) // get next free memory ptr + returndatacopy(ptr, 0, size) // copy return from above `staticcall` + result := mload(ptr) // read data at ptr and set it to result + mstore(ptr, 0) // set pointer memory to 0 so it still is the next free ptr + } + + return result; + } + + /** + * @dev Internal function that sets management + */ + function _setPermissionManager(address _newManager, address _app, bytes32 _role) internal { + permissionManager[roleHash(_app, _role)] = _newManager; + emit ChangePermissionManager(_app, _role, _newManager); + } + + function roleHash(address _where, bytes32 _what) internal pure returns (bytes32) { + return keccak256(abi.encodePacked("ROLE", _where, _what)); + } + + function permissionHash(address _who, address _where, bytes32 _what) internal pure returns (bytes32) { + return keccak256(abi.encodePacked("PERMISSION", _who, _where, _what)); + } +} +// File: contracts/factory/EVMScriptRegistryFactory.sol +contract EVMScriptRegistryFactory is AppProxyFactory, EVMScriptRegistryConstants { + EVMScriptRegistry public baseReg; + IEVMScriptExecutor public baseCallScript; + + constructor() public { + baseReg = new EVMScriptRegistry(); + baseCallScript = IEVMScriptExecutor(new CallsScript()); + } + + function newEVMScriptRegistry(Kernel _dao) public returns (EVMScriptRegistry reg) { + bytes memory initPayload = abi.encodeWithSelector(reg.initialize.selector); + reg = EVMScriptRegistry(_dao.newPinnedAppInstance(EVMSCRIPT_REGISTRY_APP_ID, baseReg, initPayload, true)); + + ACL acl = ACL(_dao.acl()); + + acl.createPermission(this, reg, reg.REGISTRY_ADD_EXECUTOR_ROLE(), this); + + reg.addScriptExecutor(baseCallScript); // spec 1 = CallsScript + + // Clean up the permissions + acl.revokePermission(this, reg, reg.REGISTRY_ADD_EXECUTOR_ROLE()); + acl.removePermissionManager(reg, reg.REGISTRY_ADD_EXECUTOR_ROLE()); + + return reg; + } +} \ No newline at end of file diff --git a/environments/rinkeby/contracts/aragonOS/Kernel.sol b/environments/rinkeby/contracts/aragonOS/Kernel.sol new file mode 100644 index 0000000..008dbdf --- /dev/null +++ b/environments/rinkeby/contracts/aragonOS/Kernel.sol @@ -0,0 +1,962 @@ +pragma solidity 0.4.24; +// File: contracts/acl/IACL.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IACL { + function initialize(address permissionsCreator) external; + + // TODO: this should be external + // See https://github.com/ethereum/solidity/issues/4832 + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); +} +// File: contracts/common/IVaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IVaultRecoverable { + function transferToVault(address token) external; + + function allowRecoverability(address token) external view returns (bool); + function getRecoveryVault() external view returns (address); +} +// File: contracts/kernel/IKernel.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +// This should be an interface, but interfaces can't inherit yet :( +contract IKernel is IVaultRecoverable { + event SetApp(bytes32 indexed namespace, bytes32 indexed appId, address app); + + function acl() public view returns (IACL); + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); + + function setApp(bytes32 namespace, bytes32 appId, address app) public; + function getApp(bytes32 namespace, bytes32 appId) public view returns (address); +} +// File: contracts/kernel/KernelConstants.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract KernelAppIds { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_APP_ID = apmNamehash("kernel"); + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = apmNamehash("acl"); + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = apmNamehash("vault"); + */ + bytes32 internal constant KERNEL_CORE_APP_ID = 0x3b4bf6bf3ad5000ecf0f989d5befde585c6860fea3e574a4fab4c49d1c177d9c; + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = 0xe3262375f45a6e2026b7e7b18c2b807434f2508fe1a2a3dfb493c7df8f4aad6a; + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = 0x7e852e0fcfce6551c13800f1e7476f982525c2b5277ba14b24339c68416336d1; +} + + +contract KernelNamespaceConstants { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_NAMESPACE = keccak256("core"); + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = keccak256("base"); + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = keccak256("app"); + */ + bytes32 internal constant KERNEL_CORE_NAMESPACE = 0xc681a85306374a5ab27f0bbc385296a54bcd314a1948b6cf61c4ea1bc44bb9f8; + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = 0xf1f3eb40f5bc1ad1344716ced8b8a0431d840b5783aea1fd01786bc26f35ac0f; + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = 0xd6f028ca0e8edb4a8c9757ca4fdccab25fa1e0317da1188108f7d2dee14902fb; +} +// File: contracts/kernel/KernelStorage.sol +contract KernelStorage { + // namespace => app id => address + mapping (bytes32 => mapping (bytes32 => address)) public apps; + bytes32 public recoveryVaultAppId; +} +// File: contracts/acl/ACLSyntaxSugar.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ACLSyntaxSugar { + function arr() internal pure returns (uint256[]) {} + + function arr(bytes32 _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(bytes32 _a, bytes32 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(address _a, address _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c); + } + + function arr(address _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c, _d); + } + + function arr(address _a, uint256 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, address _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), _c, _d, _e); + } + + function arr(address _a, address _b, address _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(address _a, address _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(uint256 _a) internal pure returns (uint256[] r) { + r = new uint256[](1); + r[0] = _a; + } + + function arr(uint256 _a, uint256 _b) internal pure returns (uint256[] r) { + r = new uint256[](2); + r[0] = _a; + r[1] = _b; + } + + function arr(uint256 _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + r = new uint256[](3); + r[0] = _a; + r[1] = _b; + r[2] = _c; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + r = new uint256[](4); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + r = new uint256[](5); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + r[4] = _e; + } +} + + +contract ACLHelpers { + function decodeParamOp(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 30)); + } + + function decodeParamId(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 31)); + } + + function decodeParamsList(uint256 _x) internal pure returns (uint32 a, uint32 b, uint32 c) { + a = uint32(_x); + b = uint32(_x >> (8 * 4)); + c = uint32(_x >> (8 * 8)); + } +} +// File: contracts/lib/misc/ERCProxy.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ERCProxy { + uint256 internal constant FORWARDING = 1; + uint256 internal constant UPGRADEABLE = 2; + + function proxyType() public pure returns (uint256 proxyTypeId); + function implementation() public view returns (address codeAddr); +} +// File: contracts/common/IsContract.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract IsContract { + /* + * NOTE: this should NEVER be used for authentication + * (see pitfalls: https://github.com/fergarrui/ethereum-security/tree/master/contracts/extcodesize). + * + * This is only intended to be used as a sanity check that an address is actually a contract, + * RATHER THAN an address not being a contract. + */ + function isContract(address _target) internal view returns (bool) { + if (_target == address(0)) { + return false; + } + + uint256 size; + assembly { size := extcodesize(_target) } + return size > 0; + } +} +// File: contracts/common/UnstructuredStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +library UnstructuredStorage { + function getStorageBool(bytes32 position) internal view returns (bool data) { + assembly { data := sload(position) } + } + + function getStorageAddress(bytes32 position) internal view returns (address data) { + assembly { data := sload(position) } + } + + function getStorageBytes32(bytes32 position) internal view returns (bytes32 data) { + assembly { data := sload(position) } + } + + function getStorageUint256(bytes32 position) internal view returns (uint256 data) { + assembly { data := sload(position) } + } + + function setStorageBool(bytes32 position, bool data) internal { + assembly { sstore(position, data) } + } + + function setStorageAddress(bytes32 position, address data) internal { + assembly { sstore(position, data) } + } + + function setStorageBytes32(bytes32 position, bytes32 data) internal { + assembly { sstore(position, data) } + } + + function setStorageUint256(bytes32 position, uint256 data) internal { + assembly { sstore(position, data) } + } +} +// File: contracts/common/Uint256Helpers.sol +library Uint256Helpers { + uint256 private constant MAX_UINT64 = uint64(-1); + + string private constant ERROR_NUMBER_TOO_BIG = "UINT64_NUMBER_TOO_BIG"; + + function toUint64(uint256 a) internal pure returns (uint64) { + require(a <= MAX_UINT64, ERROR_NUMBER_TOO_BIG); + return uint64(a); + } +} +// File: contracts/common/TimeHelpers.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract TimeHelpers { + using Uint256Helpers for uint256; + + /** + * @dev Returns the current block number. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber() internal view returns (uint256) { + return block.number; + } + + /** + * @dev Returns the current block number, converted to uint64. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber64() internal view returns (uint64) { + return getBlockNumber().toUint64(); + } + + /** + * @dev Returns the current timestamp. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp() internal view returns (uint256) { + return block.timestamp; // solium-disable-line security/no-block-members + } + + /** + * @dev Returns the current timestamp, converted to uint64. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp64() internal view returns (uint64) { + return getTimestamp().toUint64(); + } +} +// File: contracts/common/Initializable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract Initializable is TimeHelpers { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.initializable.initializationBlock") + bytes32 internal constant INITIALIZATION_BLOCK_POSITION = 0xebb05b386a8d34882b8711d156f463690983dc47815980fb82aeeff1aa43579e; + + string private constant ERROR_ALREADY_INITIALIZED = "INIT_ALREADY_INITIALIZED"; + string private constant ERROR_NOT_INITIALIZED = "INIT_NOT_INITIALIZED"; + + modifier onlyInit { + require(getInitializationBlock() == 0, ERROR_ALREADY_INITIALIZED); + _; + } + + modifier isInitialized { + require(hasInitialized(), ERROR_NOT_INITIALIZED); + _; + } + + /** + * @return Block number in which the contract was initialized + */ + function getInitializationBlock() public view returns (uint256) { + return INITIALIZATION_BLOCK_POSITION.getStorageUint256(); + } + + /** + * @return Whether the contract has been initialized by the time of the current block + */ + function hasInitialized() public view returns (bool) { + uint256 initializationBlock = getInitializationBlock(); + return initializationBlock != 0 && getBlockNumber() >= initializationBlock; + } + + /** + * @dev Function to be called by top level contract after initialization has finished. + */ + function initialized() internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(getBlockNumber()); + } + + /** + * @dev Function to be called by top level contract after initialization to enable the contract + * at a future block number rather than immediately. + */ + function initializedAt(uint256 _blockNumber) internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(_blockNumber); + } +} +// File: contracts/common/Petrifiable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract Petrifiable is Initializable { + // Use block UINT256_MAX (which should be never) as the initializable date + uint256 internal constant PETRIFIED_BLOCK = uint256(-1); + + function isPetrified() public view returns (bool) { + return getInitializationBlock() == PETRIFIED_BLOCK; + } + + /** + * @dev Function to be called by top level contract to prevent being initialized. + * Useful for freezing base contracts when they're used behind proxies. + */ + function petrify() internal onlyInit { + initializedAt(PETRIFIED_BLOCK); + } +} +// File: contracts/lib/token/ERC20.sol +// See https://github.com/OpenZeppelin/openzeppelin-solidity/blob/a9f910d34f0ab33a1ae5e714f69f9596a02b4d91/contracts/token/ERC20/ERC20.sol + +pragma solidity ^0.4.24; + + +/** + * @title ERC20 interface + * @dev see https://github.com/ethereum/EIPs/issues/20 + */ +contract ERC20 { + function totalSupply() public view returns (uint256); + + function balanceOf(address _who) public view returns (uint256); + + function allowance(address _owner, address _spender) + public view returns (uint256); + + function transfer(address _to, uint256 _value) public returns (bool); + + function approve(address _spender, uint256 _value) + public returns (bool); + + function transferFrom(address _from, address _to, uint256 _value) + public returns (bool); + + event Transfer( + address indexed from, + address indexed to, + uint256 value + ); + + event Approval( + address indexed owner, + address indexed spender, + uint256 value + ); +} +// File: contracts/common/EtherTokenConstant.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +// aragonOS and aragon-apps rely on address(0) to denote native ETH, in +// contracts where both tokens and ETH are accepted +contract EtherTokenConstant { + address internal constant ETH = address(0); +} +// File: contracts/common/VaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + +contract VaultRecoverable is IVaultRecoverable, EtherTokenConstant, IsContract { + string private constant ERROR_DISALLOWED = "RECOVER_DISALLOWED"; + string private constant ERROR_VAULT_NOT_CONTRACT = "RECOVER_VAULT_NOT_CONTRACT"; + + /** + * @notice Send funds to recovery Vault. This contract should never receive funds, + * but in case it does, this function allows one to recover them. + * @param _token Token balance to be sent to recovery vault. + */ + function transferToVault(address _token) external { + require(allowRecoverability(_token), ERROR_DISALLOWED); + address vault = getRecoveryVault(); + require(isContract(vault), ERROR_VAULT_NOT_CONTRACT); + + if (_token == ETH) { + vault.transfer(address(this).balance); + } else { + uint256 amount = ERC20(_token).balanceOf(this); + ERC20(_token).transfer(vault, amount); + } + } + + /** + * @dev By default deriving from AragonApp makes it recoverable + * @param token Token address that would be recovered + * @return bool whether the app allows the recovery + */ + function allowRecoverability(address token) public view returns (bool) { + return true; + } + + // Cast non-implemented interface to be public so we can use it internally + function getRecoveryVault() public view returns (address); +} +// File: contracts/apps/AppStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract AppStorage { + using UnstructuredStorage for bytes32; + + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_POSITION = keccak256("aragonOS.appStorage.kernel"); + bytes32 internal constant APP_ID_POSITION = keccak256("aragonOS.appStorage.appId"); + */ + bytes32 internal constant KERNEL_POSITION = 0x4172f0f7d2289153072b0a6ca36959e0cbe2efc3afe50fc81636caa96338137b; + bytes32 internal constant APP_ID_POSITION = 0xd625496217aa6a3453eecb9c3489dc5a53e6c67b444329ea2b2cbc9ff547639b; + + function kernel() public view returns (IKernel) { + return IKernel(KERNEL_POSITION.getStorageAddress()); + } + + function appId() public view returns (bytes32) { + return APP_ID_POSITION.getStorageBytes32(); + } + + function setKernel(IKernel _kernel) internal { + KERNEL_POSITION.setStorageAddress(address(_kernel)); + } + + function setAppId(bytes32 _appId) internal { + APP_ID_POSITION.setStorageBytes32(_appId); + } +} +// File: contracts/common/DelegateProxy.sol +contract DelegateProxy is ERCProxy, IsContract { + uint256 internal constant FWD_GAS_LIMIT = 10000; + + /** + * @dev Performs a delegatecall and returns whatever the delegatecall returned (entire context execution will return!) + * @param _dst Destination address to perform the delegatecall + * @param _calldata Calldata for the delegatecall + */ + function delegatedFwd(address _dst, bytes _calldata) internal { + require(isContract(_dst)); + uint256 fwdGasLimit = FWD_GAS_LIMIT; + + assembly { + let result := delegatecall(sub(gas, fwdGasLimit), _dst, add(_calldata, 0x20), mload(_calldata), 0, 0) + let size := returndatasize + let ptr := mload(0x40) + returndatacopy(ptr, 0, size) + + // revert instead of invalid() bc if the underlying call failed with invalid() it already wasted gas. + // if the call returned error data, forward it + switch result case 0 { revert(ptr, size) } + default { return(ptr, size) } + } + } +} +// File: contracts/common/DepositableStorage.sol +contract DepositableStorage { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.depositableStorage.depositable") + bytes32 internal constant DEPOSITABLE_POSITION = 0x665fd576fbbe6f247aff98f5c94a561e3f71ec2d3c988d56f12d342396c50cea; + + function isDepositable() public view returns (bool) { + return DEPOSITABLE_POSITION.getStorageBool(); + } + + function setDepositable(bool _depositable) internal { + DEPOSITABLE_POSITION.setStorageBool(_depositable); + } +} +// File: contracts/common/DepositableDelegateProxy.sol +contract DepositableDelegateProxy is DepositableStorage, DelegateProxy { + event ProxyDeposit(address sender, uint256 value); + + function () external payable { + // send / transfer + if (gasleft() < FWD_GAS_LIMIT) { + require(msg.value > 0 && msg.data.length == 0); + require(isDepositable()); + emit ProxyDeposit(msg.sender, msg.value); + } else { // all calls except for send or transfer + address target = implementation(); + delegatedFwd(target, msg.data); + } + } +} +// File: contracts/apps/AppProxyBase.sol +contract AppProxyBase is AppStorage, DepositableDelegateProxy, KernelNamespaceConstants { + /** + * @dev Initialize AppProxy + * @param _kernel Reference to organization kernel for the app + * @param _appId Identifier for app + * @param _initializePayload Payload for call to be made after setup to initialize + */ + constructor(IKernel _kernel, bytes32 _appId, bytes _initializePayload) public { + setKernel(_kernel); + setAppId(_appId); + + // Implicit check that kernel is actually a Kernel + // The EVM doesn't actually provide a way for us to make sure, but we can force a revert to + // occur if the kernel is set to 0x0 or a non-code address when we try to call a method on + // it. + address appCode = getAppBase(_appId); + + // If initialize payload is provided, it will be executed + if (_initializePayload.length > 0) { + require(isContract(appCode)); + // Cannot make delegatecall as a delegateproxy.delegatedFwd as it + // returns ending execution context and halts contract deployment + require(appCode.delegatecall(_initializePayload)); + } + } + + function getAppBase(bytes32 _appId) internal view returns (address) { + return kernel().getApp(KERNEL_APP_BASES_NAMESPACE, _appId); + } +} +// File: contracts/apps/AppProxyUpgradeable.sol +contract AppProxyUpgradeable is AppProxyBase { + /** + * @dev Initialize AppProxyUpgradeable (makes it an upgradeable Aragon app) + * @param _kernel Reference to organization kernel for the app + * @param _appId Identifier for app + * @param _initializePayload Payload for call to be made after setup to initialize + */ + constructor(IKernel _kernel, bytes32 _appId, bytes _initializePayload) + AppProxyBase(_kernel, _appId, _initializePayload) + public // solium-disable-line visibility-first + { + + } + + /** + * @dev ERC897, the address the proxy would delegate calls to + */ + function implementation() public view returns (address) { + return getAppBase(appId()); + } + + /** + * @dev ERC897, whether it is a forwarding (1) or an upgradeable (2) proxy + */ + function proxyType() public pure returns (uint256 proxyTypeId) { + return UPGRADEABLE; + } +} +// File: contracts/apps/AppProxyPinned.sol +contract AppProxyPinned is IsContract, AppProxyBase { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.appStorage.pinnedCode") + bytes32 internal constant PINNED_CODE_POSITION = 0xdee64df20d65e53d7f51cb6ab6d921a0a6a638a91e942e1d8d02df28e31c038e; + + /** + * @dev Initialize AppProxyPinned (makes it an un-upgradeable Aragon app) + * @param _kernel Reference to organization kernel for the app + * @param _appId Identifier for app + * @param _initializePayload Payload for call to be made after setup to initialize + */ + constructor(IKernel _kernel, bytes32 _appId, bytes _initializePayload) + AppProxyBase(_kernel, _appId, _initializePayload) + public // solium-disable-line visibility-first + { + setPinnedCode(getAppBase(_appId)); + require(isContract(pinnedCode())); + } + + /** + * @dev ERC897, the address the proxy would delegate calls to + */ + function implementation() public view returns (address) { + return pinnedCode(); + } + + /** + * @dev ERC897, whether it is a forwarding (1) or an upgradeable (2) proxy + */ + function proxyType() public pure returns (uint256 proxyTypeId) { + return FORWARDING; + } + + function setPinnedCode(address _pinnedCode) internal { + PINNED_CODE_POSITION.setStorageAddress(_pinnedCode); + } + + function pinnedCode() internal view returns (address) { + return PINNED_CODE_POSITION.getStorageAddress(); + } +} +// File: contracts/factory/AppProxyFactory.sol +contract AppProxyFactory { + event NewAppProxy(address proxy, bool isUpgradeable, bytes32 appId); + + function newAppProxy(IKernel _kernel, bytes32 _appId) public returns (AppProxyUpgradeable) { + return newAppProxy(_kernel, _appId, new bytes(0)); + } + + function newAppProxy(IKernel _kernel, bytes32 _appId, bytes _initializePayload) public returns (AppProxyUpgradeable) { + AppProxyUpgradeable proxy = new AppProxyUpgradeable(_kernel, _appId, _initializePayload); + emit NewAppProxy(address(proxy), true, _appId); + return proxy; + } + + function newAppProxyPinned(IKernel _kernel, bytes32 _appId) public returns (AppProxyPinned) { + return newAppProxyPinned(_kernel, _appId, new bytes(0)); + } + + function newAppProxyPinned(IKernel _kernel, bytes32 _appId, bytes _initializePayload) public returns (AppProxyPinned) { + AppProxyPinned proxy = new AppProxyPinned(_kernel, _appId, _initializePayload); + emit NewAppProxy(address(proxy), false, _appId); + return proxy; + } +} +// File: contracts/kernel/Kernel.sol +// solium-disable-next-line max-len +contract Kernel is IKernel, KernelStorage, KernelAppIds, KernelNamespaceConstants, Petrifiable, IsContract, VaultRecoverable, AppProxyFactory, ACLSyntaxSugar { + /* Hardcoded constants to save gas + bytes32 public constant APP_MANAGER_ROLE = keccak256("APP_MANAGER_ROLE"); + */ + bytes32 public constant APP_MANAGER_ROLE = 0xb6d92708f3d4817afc106147d969e229ced5c46e65e0a5002a0d391287762bd0; + + string private constant ERROR_APP_NOT_CONTRACT = "KERNEL_APP_NOT_CONTRACT"; + string private constant ERROR_INVALID_APP_CHANGE = "KERNEL_INVALID_APP_CHANGE"; + string private constant ERROR_AUTH_FAILED = "KERNEL_AUTH_FAILED"; + + /** + * @dev Constructor that allows the deployer to choose if the base instance should be petrified immediately. + * @param _shouldPetrify Immediately petrify this instance so that it can never be initialized + */ + constructor(bool _shouldPetrify) public { + if (_shouldPetrify) { + petrify(); + } + } + + /** + * @dev Initialize can only be called once. It saves the block number in which it was initialized. + * @notice Initializes a kernel instance along with its ACL and sets `_permissionsCreator` as the entity that can create other permissions + * @param _baseAcl Address of base ACL app + * @param _permissionsCreator Entity that will be given permission over createPermission + */ + function initialize(IACL _baseAcl, address _permissionsCreator) public onlyInit { + initialized(); + + // Set ACL base + _setApp(KERNEL_APP_BASES_NAMESPACE, KERNEL_DEFAULT_ACL_APP_ID, _baseAcl); + + // Create ACL instance and attach it as the default ACL app + IACL acl = IACL(newAppProxy(this, KERNEL_DEFAULT_ACL_APP_ID)); + acl.initialize(_permissionsCreator); + _setApp(KERNEL_APP_ADDR_NAMESPACE, KERNEL_DEFAULT_ACL_APP_ID, acl); + + recoveryVaultAppId = KERNEL_DEFAULT_VAULT_APP_ID; + } + + /** + * @dev Create a new instance of an app linked to this kernel + * @notice Create a new upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase` + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @return AppProxy instance + */ + function newAppInstance(bytes32 _appId, address _appBase) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + return newAppInstance(_appId, _appBase, new bytes(0), false); + } + + /** + * @dev Create a new instance of an app linked to this kernel and set its base + * implementation if it was not already set + * @notice Create a new upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase`. `_setDefault ? 'Also sets it as the default app instance.':''` + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @param _initializePayload Payload for call made by the proxy during its construction to initialize + * @param _setDefault Whether the app proxy app is the default one. + * Useful when the Kernel needs to know of an instance of a particular app, + * like Vault for escape hatch mechanism. + * @return AppProxy instance + */ + function newAppInstance(bytes32 _appId, address _appBase, bytes _initializePayload, bool _setDefault) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + _setAppIfNew(KERNEL_APP_BASES_NAMESPACE, _appId, _appBase); + appProxy = newAppProxy(this, _appId, _initializePayload); + // By calling setApp directly and not the internal functions, we make sure the params are checked + // and it will only succeed if sender has permissions to set something to the namespace. + if (_setDefault) { + setApp(KERNEL_APP_ADDR_NAMESPACE, _appId, appProxy); + } + } + + /** + * @dev Create a new pinned instance of an app linked to this kernel + * @notice Create a new non-upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase`. + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @return AppProxy instance + */ + function newPinnedAppInstance(bytes32 _appId, address _appBase) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + return newPinnedAppInstance(_appId, _appBase, new bytes(0), false); + } + + /** + * @dev Create a new pinned instance of an app linked to this kernel and set + * its base implementation if it was not already set + * @notice Create a new non-upgradeable instance of `_appId` app linked to the Kernel, setting its code to `_appBase`. `_setDefault ? 'Also sets it as the default app instance.':''` + * @param _appId Identifier for app + * @param _appBase Address of the app's base implementation + * @param _initializePayload Payload for call made by the proxy during its construction to initialize + * @param _setDefault Whether the app proxy app is the default one. + * Useful when the Kernel needs to know of an instance of a particular app, + * like Vault for escape hatch mechanism. + * @return AppProxy instance + */ + function newPinnedAppInstance(bytes32 _appId, address _appBase, bytes _initializePayload, bool _setDefault) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_BASES_NAMESPACE, _appId)) + returns (ERCProxy appProxy) + { + _setAppIfNew(KERNEL_APP_BASES_NAMESPACE, _appId, _appBase); + appProxy = newAppProxyPinned(this, _appId, _initializePayload); + // By calling setApp directly and not the internal functions, we make sure the params are checked + // and it will only succeed if sender has permissions to set something to the namespace. + if (_setDefault) { + setApp(KERNEL_APP_ADDR_NAMESPACE, _appId, appProxy); + } + } + + /** + * @dev Set the resolving address of an app instance or base implementation + * @notice Set the resolving address of `_appId` in namespace `_namespace` to `_app` + * @param _namespace App namespace to use + * @param _appId Identifier for app + * @param _app Address of the app instance or base implementation + * @return ID of app + */ + function setApp(bytes32 _namespace, bytes32 _appId, address _app) + public + auth(APP_MANAGER_ROLE, arr(_namespace, _appId)) + { + _setApp(_namespace, _appId, _app); + } + + /** + * @dev Set the default vault id for the escape hatch mechanism + * @param _recoveryVaultAppId Identifier of the recovery vault app + */ + function setRecoveryVaultAppId(bytes32 _recoveryVaultAppId) + public + auth(APP_MANAGER_ROLE, arr(KERNEL_APP_ADDR_NAMESPACE, _recoveryVaultAppId)) + { + recoveryVaultAppId = _recoveryVaultAppId; + } + + // External access to default app id and namespace constants to mimic default getters for constants + /* solium-disable function-order, mixedcase */ + function CORE_NAMESPACE() external pure returns (bytes32) { return KERNEL_CORE_NAMESPACE; } + function APP_BASES_NAMESPACE() external pure returns (bytes32) { return KERNEL_APP_BASES_NAMESPACE; } + function APP_ADDR_NAMESPACE() external pure returns (bytes32) { return KERNEL_APP_ADDR_NAMESPACE; } + function KERNEL_APP_ID() external pure returns (bytes32) { return KERNEL_CORE_APP_ID; } + function DEFAULT_ACL_APP_ID() external pure returns (bytes32) { return KERNEL_DEFAULT_ACL_APP_ID; } + /* solium-enable function-order, mixedcase */ + + /** + * @dev Get the address of an app instance or base implementation + * @param _namespace App namespace to use + * @param _appId Identifier for app + * @return Address of the app + */ + function getApp(bytes32 _namespace, bytes32 _appId) public view returns (address) { + return apps[_namespace][_appId]; + } + + /** + * @dev Get the address of the recovery Vault instance (to recover funds) + * @return Address of the Vault + */ + function getRecoveryVault() public view returns (address) { + return apps[KERNEL_APP_ADDR_NAMESPACE][recoveryVaultAppId]; + } + + /** + * @dev Get the installed ACL app + * @return ACL app + */ + function acl() public view returns (IACL) { + return IACL(getApp(KERNEL_APP_ADDR_NAMESPACE, KERNEL_DEFAULT_ACL_APP_ID)); + } + + /** + * @dev Function called by apps to check ACL on kernel or to check permission status + * @param _who Sender of the original call + * @param _where Address of the app + * @param _what Identifier for a group of actions in app + * @param _how Extra data for ACL auth + * @return Boolean indicating whether the ACL allows the role or not. + * Always returns false if the kernel hasn't been initialized yet. + */ + function hasPermission(address _who, address _where, bytes32 _what, bytes _how) public view returns (bool) { + IACL defaultAcl = acl(); + return address(defaultAcl) != address(0) && // Poor man's initialization check (saves gas) + defaultAcl.hasPermission(_who, _where, _what, _how); + } + + function _setApp(bytes32 _namespace, bytes32 _appId, address _app) internal { + require(isContract(_app), ERROR_APP_NOT_CONTRACT); + apps[_namespace][_appId] = _app; + emit SetApp(_namespace, _appId, _app); + } + + function _setAppIfNew(bytes32 _namespace, bytes32 _appId, address _app) internal { + address app = getApp(_namespace, _appId); + if (app != address(0)) { + // The only way to set an app is if it passes the isContract check, so no need to check it again + require(app == _app, ERROR_INVALID_APP_CHANGE); + } else { + _setApp(_namespace, _appId, _app); + } + } + + modifier auth(bytes32 _role, uint256[] memory params) { + // Force cast the uint256[] into a bytes array, by overwriting its length + // Note that the bytes array doesn't need to be initialized as we immediately overwrite it + // with params and a new length, and params becomes invalid from this point forward + bytes memory how; + uint256 byteLength = params.length * 32; + assembly { + how := params + mstore(how, byteLength) + } + + require(hasPermission(msg.sender, address(this), _role, how), ERROR_AUTH_FAILED); + _; + } +} \ No newline at end of file diff --git a/environments/rinkeby/contracts/aragonOS/Repo.sol b/environments/rinkeby/contracts/aragonOS/Repo.sol new file mode 100644 index 0000000..56fa5c0 --- /dev/null +++ b/environments/rinkeby/contracts/aragonOS/Repo.sol @@ -0,0 +1,853 @@ +pragma solidity 0.4.24; +// File: contracts/common/UnstructuredStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +library UnstructuredStorage { + function getStorageBool(bytes32 position) internal view returns (bool data) { + assembly { data := sload(position) } + } + + function getStorageAddress(bytes32 position) internal view returns (address data) { + assembly { data := sload(position) } + } + + function getStorageBytes32(bytes32 position) internal view returns (bytes32 data) { + assembly { data := sload(position) } + } + + function getStorageUint256(bytes32 position) internal view returns (uint256 data) { + assembly { data := sload(position) } + } + + function setStorageBool(bytes32 position, bool data) internal { + assembly { sstore(position, data) } + } + + function setStorageAddress(bytes32 position, address data) internal { + assembly { sstore(position, data) } + } + + function setStorageBytes32(bytes32 position, bytes32 data) internal { + assembly { sstore(position, data) } + } + + function setStorageUint256(bytes32 position, uint256 data) internal { + assembly { sstore(position, data) } + } +} +// File: contracts/acl/IACL.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IACL { + function initialize(address permissionsCreator) external; + + // TODO: this should be external + // See https://github.com/ethereum/solidity/issues/4832 + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); +} +// File: contracts/common/IVaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IVaultRecoverable { + function transferToVault(address token) external; + + function allowRecoverability(address token) external view returns (bool); + function getRecoveryVault() external view returns (address); +} +// File: contracts/kernel/IKernel.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +// This should be an interface, but interfaces can't inherit yet :( +contract IKernel is IVaultRecoverable { + event SetApp(bytes32 indexed namespace, bytes32 indexed appId, address app); + + function acl() public view returns (IACL); + function hasPermission(address who, address where, bytes32 what, bytes how) public view returns (bool); + + function setApp(bytes32 namespace, bytes32 appId, address app) public; + function getApp(bytes32 namespace, bytes32 appId) public view returns (address); +} +// File: contracts/apps/AppStorage.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract AppStorage { + using UnstructuredStorage for bytes32; + + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_POSITION = keccak256("aragonOS.appStorage.kernel"); + bytes32 internal constant APP_ID_POSITION = keccak256("aragonOS.appStorage.appId"); + */ + bytes32 internal constant KERNEL_POSITION = 0x4172f0f7d2289153072b0a6ca36959e0cbe2efc3afe50fc81636caa96338137b; + bytes32 internal constant APP_ID_POSITION = 0xd625496217aa6a3453eecb9c3489dc5a53e6c67b444329ea2b2cbc9ff547639b; + + function kernel() public view returns (IKernel) { + return IKernel(KERNEL_POSITION.getStorageAddress()); + } + + function appId() public view returns (bytes32) { + return APP_ID_POSITION.getStorageBytes32(); + } + + function setKernel(IKernel _kernel) internal { + KERNEL_POSITION.setStorageAddress(address(_kernel)); + } + + function setAppId(bytes32 _appId) internal { + APP_ID_POSITION.setStorageBytes32(_appId); + } +} +// File: contracts/common/Uint256Helpers.sol +library Uint256Helpers { + uint256 private constant MAX_UINT64 = uint64(-1); + + string private constant ERROR_NUMBER_TOO_BIG = "UINT64_NUMBER_TOO_BIG"; + + function toUint64(uint256 a) internal pure returns (uint64) { + require(a <= MAX_UINT64, ERROR_NUMBER_TOO_BIG); + return uint64(a); + } +} +// File: contracts/common/TimeHelpers.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract TimeHelpers { + using Uint256Helpers for uint256; + + /** + * @dev Returns the current block number. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber() internal view returns (uint256) { + return block.number; + } + + /** + * @dev Returns the current block number, converted to uint64. + * Using a function rather than `block.number` allows us to easily mock the block number in + * tests. + */ + function getBlockNumber64() internal view returns (uint64) { + return getBlockNumber().toUint64(); + } + + /** + * @dev Returns the current timestamp. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp() internal view returns (uint256) { + return block.timestamp; // solium-disable-line security/no-block-members + } + + /** + * @dev Returns the current timestamp, converted to uint64. + * Using a function rather than `block.timestamp` allows us to easily mock it in + * tests. + */ + function getTimestamp64() internal view returns (uint64) { + return getTimestamp().toUint64(); + } +} +// File: contracts/common/Initializable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + +contract Initializable is TimeHelpers { + using UnstructuredStorage for bytes32; + + // keccak256("aragonOS.initializable.initializationBlock") + bytes32 internal constant INITIALIZATION_BLOCK_POSITION = 0xebb05b386a8d34882b8711d156f463690983dc47815980fb82aeeff1aa43579e; + + string private constant ERROR_ALREADY_INITIALIZED = "INIT_ALREADY_INITIALIZED"; + string private constant ERROR_NOT_INITIALIZED = "INIT_NOT_INITIALIZED"; + + modifier onlyInit { + require(getInitializationBlock() == 0, ERROR_ALREADY_INITIALIZED); + _; + } + + modifier isInitialized { + require(hasInitialized(), ERROR_NOT_INITIALIZED); + _; + } + + /** + * @return Block number in which the contract was initialized + */ + function getInitializationBlock() public view returns (uint256) { + return INITIALIZATION_BLOCK_POSITION.getStorageUint256(); + } + + /** + * @return Whether the contract has been initialized by the time of the current block + */ + function hasInitialized() public view returns (bool) { + uint256 initializationBlock = getInitializationBlock(); + return initializationBlock != 0 && getBlockNumber() >= initializationBlock; + } + + /** + * @dev Function to be called by top level contract after initialization has finished. + */ + function initialized() internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(getBlockNumber()); + } + + /** + * @dev Function to be called by top level contract after initialization to enable the contract + * at a future block number rather than immediately. + */ + function initializedAt(uint256 _blockNumber) internal onlyInit { + INITIALIZATION_BLOCK_POSITION.setStorageUint256(_blockNumber); + } +} +// File: contracts/common/Petrifiable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract Petrifiable is Initializable { + // Use block UINT256_MAX (which should be never) as the initializable date + uint256 internal constant PETRIFIED_BLOCK = uint256(-1); + + function isPetrified() public view returns (bool) { + return getInitializationBlock() == PETRIFIED_BLOCK; + } + + /** + * @dev Function to be called by top level contract to prevent being initialized. + * Useful for freezing base contracts when they're used behind proxies. + */ + function petrify() internal onlyInit { + initializedAt(PETRIFIED_BLOCK); + } +} +// File: contracts/common/Autopetrified.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract Autopetrified is Petrifiable { + constructor() public { + // Immediately petrify base (non-proxy) instances of inherited contracts on deploy. + // This renders them uninitializable (and unusable without a proxy). + petrify(); + } +} +// File: contracts/lib/token/ERC20.sol +// See https://github.com/OpenZeppelin/openzeppelin-solidity/blob/a9f910d34f0ab33a1ae5e714f69f9596a02b4d91/contracts/token/ERC20/ERC20.sol + +pragma solidity ^0.4.24; + + +/** + * @title ERC20 interface + * @dev see https://github.com/ethereum/EIPs/issues/20 + */ +contract ERC20 { + function totalSupply() public view returns (uint256); + + function balanceOf(address _who) public view returns (uint256); + + function allowance(address _owner, address _spender) + public view returns (uint256); + + function transfer(address _to, uint256 _value) public returns (bool); + + function approve(address _spender, uint256 _value) + public returns (bool); + + function transferFrom(address _from, address _to, uint256 _value) + public returns (bool); + + event Transfer( + address indexed from, + address indexed to, + uint256 value + ); + + event Approval( + address indexed owner, + address indexed spender, + uint256 value + ); +} +// File: contracts/common/EtherTokenConstant.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +// aragonOS and aragon-apps rely on address(0) to denote native ETH, in +// contracts where both tokens and ETH are accepted +contract EtherTokenConstant { + address internal constant ETH = address(0); +} +// File: contracts/common/IsContract.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract IsContract { + /* + * NOTE: this should NEVER be used for authentication + * (see pitfalls: https://github.com/fergarrui/ethereum-security/tree/master/contracts/extcodesize). + * + * This is only intended to be used as a sanity check that an address is actually a contract, + * RATHER THAN an address not being a contract. + */ + function isContract(address _target) internal view returns (bool) { + if (_target == address(0)) { + return false; + } + + uint256 size; + assembly { size := extcodesize(_target) } + return size > 0; + } +} +// File: contracts/common/VaultRecoverable.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + +contract VaultRecoverable is IVaultRecoverable, EtherTokenConstant, IsContract { + string private constant ERROR_DISALLOWED = "RECOVER_DISALLOWED"; + string private constant ERROR_VAULT_NOT_CONTRACT = "RECOVER_VAULT_NOT_CONTRACT"; + + /** + * @notice Send funds to recovery Vault. This contract should never receive funds, + * but in case it does, this function allows one to recover them. + * @param _token Token balance to be sent to recovery vault. + */ + function transferToVault(address _token) external { + require(allowRecoverability(_token), ERROR_DISALLOWED); + address vault = getRecoveryVault(); + require(isContract(vault), ERROR_VAULT_NOT_CONTRACT); + + if (_token == ETH) { + vault.transfer(address(this).balance); + } else { + uint256 amount = ERC20(_token).balanceOf(this); + ERC20(_token).transfer(vault, amount); + } + } + + /** + * @dev By default deriving from AragonApp makes it recoverable + * @param token Token address that would be recovered + * @return bool whether the app allows the recovery + */ + function allowRecoverability(address token) public view returns (bool) { + return true; + } + + // Cast non-implemented interface to be public so we can use it internally + function getRecoveryVault() public view returns (address); +} +// File: contracts/evmscript/IEVMScriptExecutor.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +interface IEVMScriptExecutor { + function execScript(bytes script, bytes input, address[] blacklist) external returns (bytes); + function executorType() external pure returns (bytes32); +} +// File: contracts/evmscript/IEVMScriptRegistry.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + +contract EVMScriptRegistryConstants { + /* Hardcoded constants to save gas + bytes32 internal constant EVMSCRIPT_REGISTRY_APP_ID = apmNamehash("evmreg"); + */ + bytes32 internal constant EVMSCRIPT_REGISTRY_APP_ID = 0xddbcfd564f642ab5627cf68b9b7d374fb4f8a36e941a75d89c87998cef03bd61; +} + + +interface IEVMScriptRegistry { + function addScriptExecutor(IEVMScriptExecutor executor) external returns (uint id); + function disableScriptExecutor(uint256 executorId) external; + + // TODO: this should be external + // See https://github.com/ethereum/solidity/issues/4832 + function getScriptExecutor(bytes script) public view returns (IEVMScriptExecutor); +} +// File: contracts/kernel/KernelConstants.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract KernelAppIds { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_APP_ID = apmNamehash("kernel"); + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = apmNamehash("acl"); + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = apmNamehash("vault"); + */ + bytes32 internal constant KERNEL_CORE_APP_ID = 0x3b4bf6bf3ad5000ecf0f989d5befde585c6860fea3e574a4fab4c49d1c177d9c; + bytes32 internal constant KERNEL_DEFAULT_ACL_APP_ID = 0xe3262375f45a6e2026b7e7b18c2b807434f2508fe1a2a3dfb493c7df8f4aad6a; + bytes32 internal constant KERNEL_DEFAULT_VAULT_APP_ID = 0x7e852e0fcfce6551c13800f1e7476f982525c2b5277ba14b24339c68416336d1; +} + + +contract KernelNamespaceConstants { + /* Hardcoded constants to save gas + bytes32 internal constant KERNEL_CORE_NAMESPACE = keccak256("core"); + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = keccak256("base"); + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = keccak256("app"); + */ + bytes32 internal constant KERNEL_CORE_NAMESPACE = 0xc681a85306374a5ab27f0bbc385296a54bcd314a1948b6cf61c4ea1bc44bb9f8; + bytes32 internal constant KERNEL_APP_BASES_NAMESPACE = 0xf1f3eb40f5bc1ad1344716ced8b8a0431d840b5783aea1fd01786bc26f35ac0f; + bytes32 internal constant KERNEL_APP_ADDR_NAMESPACE = 0xd6f028ca0e8edb4a8c9757ca4fdccab25fa1e0317da1188108f7d2dee14902fb; +} +// File: contracts/evmscript/EVMScriptRunner.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + + +contract EVMScriptRunner is AppStorage, Initializable, EVMScriptRegistryConstants, KernelNamespaceConstants { + string private constant ERROR_EXECUTOR_UNAVAILABLE = "EVMRUN_EXECUTOR_UNAVAILABLE"; + string private constant ERROR_EXECUTION_REVERTED = "EVMRUN_EXECUTION_REVERTED"; + string private constant ERROR_PROTECTED_STATE_MODIFIED = "EVMRUN_PROTECTED_STATE_MODIFIED"; + + event ScriptResult(address indexed executor, bytes script, bytes input, bytes returnData); + + function getEVMScriptExecutor(bytes _script) public view returns (IEVMScriptExecutor) { + return IEVMScriptExecutor(getEVMScriptRegistry().getScriptExecutor(_script)); + } + + function getEVMScriptRegistry() public view returns (IEVMScriptRegistry) { + address registryAddr = kernel().getApp(KERNEL_APP_ADDR_NAMESPACE, EVMSCRIPT_REGISTRY_APP_ID); + return IEVMScriptRegistry(registryAddr); + } + + function runScript(bytes _script, bytes _input, address[] _blacklist) + internal + isInitialized + protectState + returns (bytes) + { + // TODO: Too much data flying around, maybe extracting spec id here is cheaper + IEVMScriptExecutor executor = getEVMScriptExecutor(_script); + require(address(executor) != address(0), ERROR_EXECUTOR_UNAVAILABLE); + + bytes4 sig = executor.execScript.selector; + bytes memory data = abi.encodeWithSelector(sig, _script, _input, _blacklist); + require(address(executor).delegatecall(data), ERROR_EXECUTION_REVERTED); + + bytes memory output = returnedDataDecoded(); + + emit ScriptResult(address(executor), _script, _input, output); + + return output; + } + + /** + * @dev copies and returns last's call data. Needs to ABI decode first + */ + function returnedDataDecoded() internal pure returns (bytes ret) { + assembly { + let size := returndatasize + switch size + case 0 {} + default { + ret := mload(0x40) // free mem ptr get + mstore(0x40, add(ret, add(size, 0x20))) // free mem ptr set + returndatacopy(ret, 0x20, sub(size, 0x20)) // copy return data + } + } + return ret; + } + + modifier protectState { + address preKernel = address(kernel()); + bytes32 preAppId = appId(); + _; // exec + require(address(kernel()) == preKernel, ERROR_PROTECTED_STATE_MODIFIED); + require(appId() == preAppId, ERROR_PROTECTED_STATE_MODIFIED); + } +} +// File: contracts/acl/ACLSyntaxSugar.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + +contract ACLSyntaxSugar { + function arr() internal pure returns (uint256[]) {} + + function arr(bytes32 _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(bytes32 _a, bytes32 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a) internal pure returns (uint256[] r) { + return arr(uint256(_a)); + } + + function arr(address _a, address _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c); + } + + function arr(address _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + return arr(uint256(_a), _b, _c, _d); + } + + function arr(address _a, uint256 _b) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b)); + } + + function arr(address _a, address _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), _c, _d, _e); + } + + function arr(address _a, address _b, address _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(address _a, address _b, uint256 _c) internal pure returns (uint256[] r) { + return arr(uint256(_a), uint256(_b), uint256(_c)); + } + + function arr(uint256 _a) internal pure returns (uint256[] r) { + r = new uint256[](1); + r[0] = _a; + } + + function arr(uint256 _a, uint256 _b) internal pure returns (uint256[] r) { + r = new uint256[](2); + r[0] = _a; + r[1] = _b; + } + + function arr(uint256 _a, uint256 _b, uint256 _c) internal pure returns (uint256[] r) { + r = new uint256[](3); + r[0] = _a; + r[1] = _b; + r[2] = _c; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d) internal pure returns (uint256[] r) { + r = new uint256[](4); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + } + + function arr(uint256 _a, uint256 _b, uint256 _c, uint256 _d, uint256 _e) internal pure returns (uint256[] r) { + r = new uint256[](5); + r[0] = _a; + r[1] = _b; + r[2] = _c; + r[3] = _d; + r[4] = _e; + } +} + + +contract ACLHelpers { + function decodeParamOp(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 30)); + } + + function decodeParamId(uint256 _x) internal pure returns (uint8 b) { + return uint8(_x >> (8 * 31)); + } + + function decodeParamsList(uint256 _x) internal pure returns (uint32 a, uint32 b, uint32 c) { + a = uint32(_x); + b = uint32(_x >> (8 * 4)); + c = uint32(_x >> (8 * 8)); + } +} +// File: contracts/apps/AragonApp.sol +/* + * SPDX-License-Identitifer: MIT + */ + +pragma solidity ^0.4.24; + + + + + + + +// Contracts inheriting from AragonApp are, by default, immediately petrified upon deployment so +// that they can never be initialized. +// Unless overriden, this behaviour enforces those contracts to be usable only behind an AppProxy. +// ACLSyntaxSugar and EVMScriptRunner are not directly used by this contract, but are included so +// that they are automatically usable by subclassing contracts +contract AragonApp is AppStorage, Autopetrified, VaultRecoverable, EVMScriptRunner, ACLSyntaxSugar { + string private constant ERROR_AUTH_FAILED = "APP_AUTH_FAILED"; + + modifier auth(bytes32 _role) { + require(canPerform(msg.sender, _role, new uint256[](0)), ERROR_AUTH_FAILED); + _; + } + + modifier authP(bytes32 _role, uint256[] _params) { + require(canPerform(msg.sender, _role, _params), ERROR_AUTH_FAILED); + _; + } + + /** + * @dev Check whether an action can be performed by a sender for a particular role on this app + * @param _sender Sender of the call + * @param _role Role on this app + * @param _params Permission params for the role + * @return Boolean indicating whether the sender has the permissions to perform the action. + * Always returns false if the app hasn't been initialized yet. + */ + function canPerform(address _sender, bytes32 _role, uint256[] _params) public view returns (bool) { + if (!hasInitialized()) { + return false; + } + + IKernel linkedKernel = kernel(); + if (address(linkedKernel) == address(0)) { + return false; + } + + // Force cast the uint256[] into a bytes array, by overwriting its length + // Note that the bytes array doesn't need to be initialized as we immediately overwrite it + // with _params and a new length, and _params becomes invalid from this point forward + bytes memory how; + uint256 byteLength = _params.length * 32; + assembly { + how := _params + mstore(how, byteLength) + } + return linkedKernel.hasPermission(_sender, address(this), _role, how); + } + + /** + * @dev Get the recovery vault for the app + * @return Recovery vault address for the app + */ + function getRecoveryVault() public view returns (address) { + // Funds recovery via a vault is only available when used with a kernel + return kernel().getRecoveryVault(); // if kernel is not set, it will revert + } +} +// File: contracts/apm/Repo.sol +/* solium-disable function-order */ +// Allow public initialize() to be first +contract Repo is AragonApp { + /* Hardcoded constants to save gas + bytes32 public constant CREATE_VERSION_ROLE = keccak256("CREATE_VERSION_ROLE"); + */ + bytes32 public constant CREATE_VERSION_ROLE = 0x1f56cfecd3595a2e6cc1a7e6cb0b20df84cdbd92eff2fee554e70e4e45a9a7d8; + + string private constant ERROR_INVALID_BUMP = "REPO_INVALID_BUMP"; + string private constant ERROR_INVALID_VERSION = "REPO_INVALID_VERSION"; + string private constant ERROR_INEXISTENT_VERSION = "REPO_INEXISTENT_VERSION"; + + struct Version { + uint16[3] semanticVersion; + address contractAddress; + bytes contentURI; + } + + uint256 internal versionsNextIndex; + mapping (uint256 => Version) internal versions; + mapping (bytes32 => uint256) internal versionIdForSemantic; + mapping (address => uint256) internal latestVersionIdForContract; + + event NewVersion(uint256 versionId, uint16[3] semanticVersion); + + /** + * @dev Initialize can only be called once. It saves the block number in which it was initialized. + * @notice Initializes a Repo to be usable + */ + function initialize() public onlyInit { + initialized(); + versionsNextIndex = 1; + } + + /** + * @notice Create new version for repo + * @param _newSemanticVersion Semantic version for new repo version + * @param _contractAddress address for smart contract logic for version (if set to 0, it uses last versions' contractAddress) + * @param _contentURI External URI for fetching new version's content + */ + function newVersion( + uint16[3] _newSemanticVersion, + address _contractAddress, + bytes _contentURI + ) public auth(CREATE_VERSION_ROLE) + { + address contractAddress = _contractAddress; + uint256 lastVersionIndex = versionsNextIndex - 1; + + uint16[3] memory lastSematicVersion; + + if (lastVersionIndex > 0) { + Version storage lastVersion = versions[lastVersionIndex]; + lastSematicVersion = lastVersion.semanticVersion; + + if (contractAddress == address(0)) { + contractAddress = lastVersion.contractAddress; + } + // Only allows smart contract change on major version bumps + require( + lastVersion.contractAddress == contractAddress || _newSemanticVersion[0] > lastVersion.semanticVersion[0], + ERROR_INVALID_VERSION + ); + } + + require(isValidBump(lastSematicVersion, _newSemanticVersion), ERROR_INVALID_BUMP); + + uint256 versionId = versionsNextIndex++; + versions[versionId] = Version(_newSemanticVersion, contractAddress, _contentURI); + versionIdForSemantic[semanticVersionHash(_newSemanticVersion)] = versionId; + latestVersionIdForContract[contractAddress] = versionId; + + emit NewVersion(versionId, _newSemanticVersion); + } + + function getLatest() public view returns (uint16[3] semanticVersion, address contractAddress, bytes contentURI) { + return getByVersionId(versionsNextIndex - 1); + } + + function getLatestForContractAddress(address _contractAddress) + public + view + returns (uint16[3] semanticVersion, address contractAddress, bytes contentURI) + { + return getByVersionId(latestVersionIdForContract[_contractAddress]); + } + + function getBySemanticVersion(uint16[3] _semanticVersion) + public + view + returns (uint16[3] semanticVersion, address contractAddress, bytes contentURI) + { + return getByVersionId(versionIdForSemantic[semanticVersionHash(_semanticVersion)]); + } + + function getByVersionId(uint _versionId) public view returns (uint16[3] semanticVersion, address contractAddress, bytes contentURI) { + require(_versionId > 0 && _versionId < versionsNextIndex, ERROR_INEXISTENT_VERSION); + Version storage version = versions[_versionId]; + return (version.semanticVersion, version.contractAddress, version.contentURI); + } + + function getVersionsCount() public view returns (uint256) { + return versionsNextIndex - 1; + } + + function isValidBump(uint16[3] _oldVersion, uint16[3] _newVersion) public pure returns (bool) { + bool hasBumped; + uint i = 0; + while (i < 3) { + if (hasBumped) { + if (_newVersion[i] != 0) { + return false; + } + } else if (_newVersion[i] != _oldVersion[i]) { + if (_oldVersion[i] > _newVersion[i] || _newVersion[i] - _oldVersion[i] != 1) { + return false; + } + hasBumped = true; + } + i++; + } + return hasBumped; + } + + function semanticVersionHash(uint16[3] version) internal pure returns (bytes32) { + return keccak256(abi.encodePacked(version[0], version[1], version[2])); + } +} \ No newline at end of file diff --git a/environments/rinkeby/democracy-kit.aragonpm.eth/democracy-kit.aragonpm.eth@1.0.0.tar.gz b/environments/rinkeby/democracy-kit.aragonpm.eth/democracy-kit.aragonpm.eth@1.0.0.tar.gz new file mode 100644 index 0000000..6162942 Binary files /dev/null and b/environments/rinkeby/democracy-kit.aragonpm.eth/democracy-kit.aragonpm.eth@1.0.0.tar.gz differ diff --git a/environments/rinkeby/deploys.yml b/environments/rinkeby/deploys.yml new file mode 100644 index 0000000..a769a7c --- /dev/null +++ b/environments/rinkeby/deploys.yml @@ -0,0 +1,63 @@ +voting.aragonpm.eth: + github: 'https://github.com/aragon/aragon-apps/tree/[ref]/apps/voting' + versions: + 1.0.0: + date: 2018-10-26T16:29:21.000Z + txHash: '0x71ab3dc496e7e1dd6af04e77cf870ffec622be647ef8d1880c9d8f99cd29838a' + ipfsHash: QmQHhcbZRoTKkbjWdwXwqqWZzTNHUFzECPrfqie8f8oq45 + contractAddress: '0x8C06aEBF29F20A2e09b32F5d44cEa49Db3EC2eE0' + commitHash: 96855bfe96a3539e919d7469f6d60b8271ddba75 +token-manager.aragonpm.eth: + github: 'https://github.com/aragon/aragon-apps/tree/[ref]/apps/token-manager' + versions: + 1.0.0: + date: 2018-10-26T16:34:06.000Z + txHash: '0x7684196cadc938499ecc1f0f6704c1be0eb64757757895b66d1ce6639f4aa374' + ipfsHash: QmTwm6Jvg6GsFshtp69fq8Nz887cu1oPvW3K7iPgNjNW7V + contractAddress: '0x3Ec5e6239A90332A13155F5d7382E0DB70C36A8a' + commitHash: 96855bfe96a3539e919d7469f6d60b8271ddba75 +finance.aragonpm.eth: + github: 'https://github.com/aragon/aragon-apps/tree/[ref]/apps/finance' + versions: + 1.0.0: + date: 2018-10-26T16:38:06.000Z + txHash: '0x9bfb684c35cd2759654645ddd0dd1fe3b2f29cda512130cb80a42a5bb087bb1d' + ipfsHash: QmbgyU2ug7REHxKr53n9PhXDuZvQXDdTSRt1vunkTALQQu + contractAddress: '0x084Db627c7c7714Dc7BeFA8521cb93696DE84fF3' + commitHash: 96855bfe96a3539e919d7469f6d60b8271ddba75 +vault.aragonpm.eth: + github: 'https://github.com/aragon/aragon-apps/tree/[ref]/apps/vault' + versions: + 1.0.0: + date: 2018-10-26T16:39:36.000Z + txHash: '0xe8a766048d11aaaf5ce8a9354aaa8c008428c5552721892ff4b691232f0bae27' + ipfsHash: QmcgWR8u3oiCRFn7xCR8oenk85k5vXvimNwzxJNJKGWuhz + contractAddress: '0x9153d1D442D79E09717462c2A04F92ac6cFFa462' + commitHash: 96855bfe96a3539e919d7469f6d60b8271ddba75 +democracy-kit.aragonpm.eth: + github: 'https://github.com/aragon/dao-kits/tree/[ref]/kits/democracy' + versions: + 1.0.0: + date: 2018-10-26T16:59:06.000Z + txHash: '0x5a39226bd20f49263daf3ecf6a02dcd23be40f39621d7d3edbd85ba7ab7abc30' + ipfsHash: QmVPEbgJzAdjN1Q4H2VYhpxh3VYRvN5QQDU24kgwjsEtCs + contractAddress: '0x89D31C0AFD8367960fc0c9d11225630d4944550E' + commitHash: 36c1db1e63b3c1c8aa3a2790a0b876559d8605de +multisig-kit.aragonpm.eth: + github: 'https://github.com/aragon/dao-kits/tree/[ref]/kits/multisig' + versions: + 1.0.0: + date: 2018-10-26T17:06:06.000Z + txHash: '0x0446836e448330337eb81d671d5e7fbdc197844fe3c0d04a9931edc9de902a7b' + ipfsHash: QmXVacmV6q9KRTEhtUfdgHamBN5N2XGMVf254MPerN3HFk + contractAddress: '0x01F2e9CDAac527Ffef1B9869d4C0B33357c0A2Bc' + commitHash: 36c1db1e63b3c1c8aa3a2790a0b876559d8605de +aragon.aragonpm.eth: + github: 'https://github.com/aragon/aragon/tree/[ref]' + versions: + 1.0.0: + date: 2018-10-26T17:33:36.000Z + txHash: '0xd49d91e574a31ce4b42f5f4533cfc586f4b4916290fc75e83ce31ad51fe1ec18' + ipfsHash: QmeHKco2Ve8vdBG2Kf5hrcRp2fEEFWpxcBQ3cZMDTn9Y89 + contractAddress: '0x0000000000000000000000000000000000000000' + commitHash: 1207e2f69975ae83b03c586fc96e792dc2121da5 diff --git a/environments/rinkeby/finance.aragonpm.eth/finance.aragonpm.eth@1.0.0.tar.gz b/environments/rinkeby/finance.aragonpm.eth/finance.aragonpm.eth@1.0.0.tar.gz new file mode 100644 index 0000000..acf19b3 Binary files /dev/null and b/environments/rinkeby/finance.aragonpm.eth/finance.aragonpm.eth@1.0.0.tar.gz differ diff --git a/environments/rinkeby/multisig-kit.aragonpm.eth/multisig-kit.aragonpm.eth@1.0.0.tar.gz b/environments/rinkeby/multisig-kit.aragonpm.eth/multisig-kit.aragonpm.eth@1.0.0.tar.gz new file mode 100644 index 0000000..1ad5cb4 Binary files /dev/null and b/environments/rinkeby/multisig-kit.aragonpm.eth/multisig-kit.aragonpm.eth@1.0.0.tar.gz differ diff --git a/environments/rinkeby/permissions.yml b/environments/rinkeby/permissions.yml new file mode 100644 index 0000000..a379da6 --- /dev/null +++ b/environments/rinkeby/permissions.yml @@ -0,0 +1,41 @@ +- address: '0xbA2bAdbbB8224e1966f33bf08d667Ddc09b720ff' + owner: Aragon One testnet cold wallet + organization: Aragon One + permissions: + - aragonpm.eth: + - 'APMRegistry::CREATE_REPO_ROLE' + - 'Kernel::APP_MANAGER_ROLE' + - 'ACL::CREATE_PERMISSIONS_ROLE' + - finance.aragonpm.eth: + - 'CREATE_VERSION_ROLE' + - vault.aragonpm.eth: + - 'CREATE_VERSION_ROLE' + - voting.aragonpm.eth: + - 'CREATE_VERSION_ROLE' + - token-manager.aragonpm.eth: + - 'CREATE_VERSION_ROLE' + - democracy-kit.aragonpm.eth: + - 'CREATE_VERSION_ROLE' + - multisig-kit.aragonpm.eth: + - 'CREATE_VERSION_ROLE' + - aragon.aragonpm.eth: + - 'CREATE_VERSION_ROLE' + manager: + - aragonpm.eth: + - 'APMRegistry::CREATE_REPO_ROLE' + - 'Kernel::APP_MANAGER_ROLE' + - 'ACL::CREATE_PERMISSIONS_ROLE' + - finance.aragonpm.eth: + - 'CREATE_VERSION_ROLE' + - vault.aragonpm.eth: + - 'CREATE_VERSION_ROLE' + - voting.aragonpm.eth: + - 'CREATE_VERSION_ROLE' + - token-manager.aragonpm.eth: + - 'CREATE_VERSION_ROLE' + - democracy-kit.aragonpm.eth: + - 'CREATE_VERSION_ROLE' + - multisig-kit.aragonpm.eth: + - 'CREATE_VERSION_ROLE' + - aragon.aragonpm.eth: + - 'CREATE_VERSION_ROLE' diff --git a/environments/rinkeby/readme.md b/environments/rinkeby/readme.md new file mode 100644 index 0000000..29c0f38 --- /dev/null +++ b/environments/rinkeby/readme.md @@ -0,0 +1,214 @@ +# Staging + +- [Permissions](./permissions.yml) +- [APM publish history](./deploys.yml) + +## Artifacts + +- ENS: `0x98df287b6c145399aaa709692c8d308357bc085d` +- DAOFactory: `0x2298d27a9b847c681d2b2c2828ab9d79013f5f1d` +- APM: `0xda897630fa0f1902f99623bc00e18acd12657d4f` + +## Deployment + +- Version: Aragon Core 0.6 RC 2 +- Start date: Oct 25th 2018, 5.42pm CEST +- Finish date: Oct 25th 2018, 7.40pm CEST +- Deployer: ([@izqui](https://github.com/izqui)) [`0x4cB3FD420555A09bA98845f0B816e45cFb230983`](https://rinkeby.etherscan.io/address/0x4cB3FD420555A09bA98845f0B816e45cFb230983) and Aragon One testnet cold wallet [`0xbA2bAdbbB8224e1966f33bf08d667Ddc09b720ff`](https://rinkeby.etherscan.io/address/0xbA2bAdbbB8224e1966f33bf08d667Ddc09b720ff) +- aragonOS commit hash: [`b5c0a98be5e404bb252e88efc65123c2db650839`](https://github.com/aragon/aragonOS/tree/b5c0a98be5e404bb252e88efc65123c2db650839) +- aragon-id commit hash: [`e33d18d6a78dbcb97bef02b4df52a7dff60b3ef2`](https://github.com/aragon/aragon-id/tree/e33d18d6a78dbcb97bef02b4df52a7dff60b3ef2) + +### ENS + +Commands: +``` +npx truffle compile --all +npx truffle exec --network rinkeby scripts/deploy-test-ens.js +``` + +Output: +``` +No OWNER environment variable passed, setting ENS owner to provider's account: 0x4cb3fd420555a09ba98845f0b816e45cfb230983 +Deploying ENSFactory... +========= +# ENSFactory: +Address: 0xcad0d7a5be19065e067353801373cac6f3a97de5 +Transaction hash: 0x99aaa57f55048eab22c693f9089cc90e57bfd7f2454d5f99c3d69cf1515d2b1e +Compiler: solc@0.4.24+commit.e67f0147.Emscripten.clang (Optimizer: 10000 runs) +Compiled at: 2018-10-25T15:41:50.466Z +========= +==================== +Deployed ENS: 0x98df287b6c145399aaa709692c8d308357bc085d +0x98df287b6c145399aaa709692c8d308357bc085d +``` + +Creating `aragonpm.eth` and `aragonid.eth` names: +- `aragonpm.eth`: [`0xa0702d19d3752abf884d9b76a68ab12b7cd304a004ebf9ab62c7e911af708d62`](https://rinkeby.etherscan.io/tx/0xa0702d19d3752abf884d9b76a68ab12b7cd304a004ebf9ab62c7e911af708d62) +- `aragonid.eth`: [`0x2beb33bda5c80b649932d8792947dbdd648f4048794f7769ce2d8e3efea1a100`](https://rinkeby.etherscan.io/tx/0x2beb33bda5c80b649932d8792947dbdd648f4048794f7769ce2d8e3efea1a100) + + +### aragonOS + +Commands: +``` +npx truffle compile --all +npx truffle exec --network rinkeby scripts/deploy-daofactory.js +``` + +Output: +``` +========= +# Kernel: +Address: 0x3e79ec0f5e60d305fe8d774c2484da701e778c3d +Transaction hash: 0x6407cab7081b07b99199ea0e4fc542fff537f67fb1e54386ba1c57e72ee2e360 +Compiler: solc@0.4.24+commit.e67f0147.Emscripten.clang (Optimizer: 10000 runs) +Compiled at: 2018-10-25T17:18:44.492Z +========= +========= +# ACL: +Address: 0x3ae935e863984ecffc980bf67bd73f56a41b94ea +Transaction hash: 0x6e407efca7e3defe0fa310a915d7e2d4fe0fffa981d06def0f7ec2986eae9dc9 +Compiler: solc@0.4.24+commit.e67f0147.Emscripten.clang (Optimizer: 10000 runs) +Compiled at: 2018-10-25T17:18:44.465Z +========= +========= +# EVMScriptRegistryFactory: +Address: 0xce25afae0ca1fb66fc14585e575fce6e202673e6 +Transaction hash: 0x1c255ae3791b133aa1fd0b105fbbe4eb88de8a0e21524b499bc96a339eb0db42 +Compiler: solc@0.4.24+commit.e67f0147.Emscripten.clang (Optimizer: 10000 runs) +Compiled at: 2018-10-25T17:18:44.491Z +========= +========= +# DAOFactory: +Address: 0x2298d27a9b847c681d2b2c2828ab9d79013f5f1d +Transaction hash: 0xe53de8ab834af2fa757d8795ad21b742c9398fc49a6eae7ad83867da2baeb077 +Compiler: solc@0.4.24+commit.e67f0147.Emscripten.clang (Optimizer: 10000 runs) +Compiled at: 2018-10-25T17:18:44.490Z +========= +``` + +### APM + +Commands: +``` +DAO_FACTORY=0x2298d27a9b847c681d2b2c2828ab9d79013f5f1d ENS=0x98df287b6c145399aaa709692c8d308357bc085d OWNER=0xbA2bAdbbB8224e1966f33bf08d667Ddc09b720ff npx truffle exec --network rinkeby scripts/deploy-apm.js +``` + +Output: +``` +Deploying APM... +Owner: 0xbA2bAdbbB8224e1966f33bf08d667Ddc09b720ff +ENS: 0x98df287b6c145399aaa709692c8d308357bc085d +TLD: eth (0x93cdeb708b7545dc668eb9280176169d1c33cfd8ed6f04690a0bcc88a93fc4ae) +Label: aragonpm (0x1542111b4698ac085139692eae7c6efb632a4ae2779f8686da94511ebbbff594) +========= +Deploying APM bases... +========= +# APMRegistry: +Address: 0xdda8dc1bc20e2900a5aad4cb2c64e976086c9d50 +Transaction hash: 0x4ef5362b4121869d4cc16dcd668ccbb6770ff10a03ac6ffe41df1ca2341cf62a +Compiler: solc@0.4.24+commit.e67f0147.Emscripten.clang (Optimizer: 10000 runs) +Compiled at: 2018-10-25T17:18:44.475Z +========= +========= +# Repo: +Address: 0x9be2515f7b3a5bdf0f41bea9c3b58a61ca0a2c8c +Transaction hash: 0x69e42377f2558f916fdf626df06ee88b84def612944ab63704c9bc1be51dc65c +Compiler: solc@0.4.24+commit.e67f0147.Emscripten.clang (Optimizer: 10000 runs) +Compiled at: 2018-10-25T17:18:44.477Z +========= +========= +# ENSSubdomainRegistrar: +Address: 0xd02358c9788ab5aba5bd1ee32272c46d73afe65d +Transaction hash: 0xcd841911e22dad1f7e2829d4f9f35039062cd3f10a0565668565103dc38139b3 +Compiler: solc@0.4.24+commit.e67f0147.Emscripten.clang (Optimizer: 10000 runs) +Compiled at: 2018-10-25T17:18:44.483Z +========= +Using provided DAOFactory (with EVMScripts): 0x2298d27a9b847c681d2b2c2828ab9d79013f5f1d +Deploying APMRegistryFactory... +========= +# APMRegistryFactory: +Address: 0x47c0beb14860eed8f9d83388f9b2c66fe50d848c +Transaction hash: 0x088ef5d6bdba2c319dcc2a6e3c2124a9ada4fd214f49294a3a69e224de45ba07 +Compiler: solc@0.4.24+commit.e67f0147.Emscripten.clang (Optimizer: 10000 runs) +Compiled at: 2018-10-25T17:18:44.488Z +========= +Assigning ENS name (aragonpm.eth) to factory... +Transferring name ownership from deployer to APMRegistryFactory +Deploying APM... +========= +# APM: +Address: 0xda897630fa0f1902f99623bc00e18acd12657d4f +Transaction hash: 0x9e9184fc3a5257e5450e32f29192f79a78056271e65c19b2e0a15fb1adfaef33 +========= +``` + +### Aragon ID + + +``` +ENS=0x98df287b6c145399aaa709692c8d308357bc085d npx truffle exec --network rinkeby scripts/deploy-beta-aragonid.js +``` + +Output: +``` +Deploying AragonID with ENS: 0x98df287b6c145399aaa709692c8d308357bc085d and owner: undefined +========= +# FIFSResolvingRegistrar: +Address: 0x3665e7bfd4d3254ae7796779800f5b603c43c60d +Transaction hash: 0x425bbff845d9379b35b4c59a62b0e34d1a6a1ebdc06e65522acd6e0016c00d6b +Compiler: solc@0.4.24+commit.e67f0147.Emscripten.clang (Optimizer: 10000 runs) +Compiled at: 2018-10-25T19:03:35.101Z +========= +assigning ENS name to AragonID +Transferring name ownership from deployer to AragonID +=========== +Deployed AragonID: 0x3665e7bfd4d3254ae7796779800f5b603c43c60d +``` + +### Aragon Apps + +Deployed: `finance`, `vault`, `voting`, `token-manager` +Command: +``` +rm -rf build +rm -rf app/build +aragon apm publish 1.0.0 --environment rinkeby --files app/build +``` + +Details of the deployment can be found in [`deploys.yml`](./deploys.yml) + +Final versions: + +- `finance.aragonpm.eth`: `1.0.0` +- `token-manager.aragonpm.eth`: `1.0.0` +- `vault.aragonpm.eth`: `1.0.0` +- `voting.aragonpm.eth`: `1.0.0` + +### DAO kits + +Deployed: `democracy-kit`, `multisig-kit` +Command: +``` +DAO_FACTORY=0x2298d27a9b847c681d2b2c2828ab9d79013f5f1d npm run publish:rinkeby +``` + +Details of the deployment can be found in [`deploys.yml`](./deploys.yml) + +Final versions: + +- `democracy-kit.aragonpm.eth`: `1.0.0` +- `multisig-kit.aragonpm.eth`: `1.0.0` + +### Aragon Core + +Command: +``` +npm run publish:rinkeby:major +``` + +Details of the deployment can be found in [`deploys.yml`](./deploys.yml) + +Final versions: + +- `aragon.aragonpm.eth`: `1.0.0` diff --git a/environments/rinkeby/token-manager.aragonpm.eth/token-manager.aragonpm.eth@1.0.0.tar.gz b/environments/rinkeby/token-manager.aragonpm.eth/token-manager.aragonpm.eth@1.0.0.tar.gz new file mode 100644 index 0000000..9fb1344 Binary files /dev/null and b/environments/rinkeby/token-manager.aragonpm.eth/token-manager.aragonpm.eth@1.0.0.tar.gz differ diff --git a/environments/rinkeby/vault.aragonpm.eth/vault.aragonpm.eth@1.0.0.tar.gz b/environments/rinkeby/vault.aragonpm.eth/vault.aragonpm.eth@1.0.0.tar.gz new file mode 100644 index 0000000..f866e72 Binary files /dev/null and b/environments/rinkeby/vault.aragonpm.eth/vault.aragonpm.eth@1.0.0.tar.gz differ diff --git a/environments/rinkeby/voting.aragonpm.eth/voting.aragonpm.eth@1.0.0.tar.gz b/environments/rinkeby/voting.aragonpm.eth/voting.aragonpm.eth@1.0.0.tar.gz new file mode 100644 index 0000000..1ce8af5 Binary files /dev/null and b/environments/rinkeby/voting.aragonpm.eth/voting.aragonpm.eth@1.0.0.tar.gz differ diff --git a/scripts/helpers/environments.js b/scripts/helpers/environments.js index 8fa5e29..838835f 100644 --- a/scripts/helpers/environments.js +++ b/scripts/helpers/environments.js @@ -12,7 +12,7 @@ module.exports = { node: 'https://rinkeby.infura.io', }, 'rinkeby': { - ens: '', + ens: '0x98Df287B6C145399Aaa709692c8D308357bC085D', node: 'https://rinkeby.infura.io', }, 'staging': {