Simple allocator

.github/workflows/semgrep.yml

@@ -11,7 +11,7 @@ on:
 jobs:
   semgrep:
     name: semgrep/ci
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     env:
       SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
     container:

.github/workflows/test.yaml

@@ -24,7 +24,7 @@ jobs:
       - name: Install Foundry
         uses: foundry-rs/foundry-toolchain@v1
         with:
-          version: nightly
+          version: stable
 
       - name: Run Forge build
         run: |

foundry.toml

@@ -5,14 +5,14 @@ libs = ["lib"]
 optimizer = true
 optimizer_runs = 999999
 via_ir = true
-solc = "0.8.27"
+solc = "0.8.28"
 verbosity = 2
 ffi = true
+evm_version = "cancun"
 fs_permissions = [
   { access = "read-write", path = ".forge-snapshots"},
   { access = "read", path = "script/" }
 ]
-
 remappings = [
   "forge-std=lib/forge-std/src",
   "@openzeppelin/contracts=lib/openzeppelin-contracts/contracts",
@@ -21,13 +21,15 @@ remappings = [
   "@solady=lib/solady/src",
 ]
 
-additional_compiler_profiles = [
-  { name = "test", via_ir = false }
-]
+[profile.ci]
+inherit = "default"
+optimizer_runs = 200  # Override optimizer runs to reduce the compact contract sizes
+bytecode_hash = 'none'
 
-compilation_restrictions = [
-  { paths = "test/**", via_ir = false }
-]
+[profile.pr]
+inherit = "default"
+optimizer_runs = 200  # Override optimizer runs to reduce the compact contract sizes
+bytecode_hash = 'none'
 
 [profile.default.fuzz]
 runs = 1000

src/allocators/SimpleAllocator.sol

@@ -0,0 +1,221 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.27;
+
+import {IAllocator} from '../interfaces/IAllocator.sol';
+import {ISimpleAllocator} from '../interfaces/ISimpleAllocator.sol';
+import {IERC1271} from '@openzeppelin/contracts/interfaces/IERC1271.sol';
+import {ERC6909} from '@solady/tokens/ERC6909.sol';
+import {ITheCompact} from '@uniswap/the-compact/interfaces/ITheCompact.sol';
+import {ResetPeriod} from '@uniswap/the-compact/lib/IdLib.sol';
+import {Compact} from '@uniswap/the-compact/types/EIP712Types.sol';
+import {ForcedWithdrawalStatus} from '@uniswap/the-compact/types/ForcedWithdrawalStatus.sol';
+
+contract SimpleAllocator is ISimpleAllocator {
+    // keccak256("Compact(address arbiter,address sponsor,uint256 nonce,uint256 expires,uint256 id,uint256 amount)")
+    bytes32 constant COMPACT_TYPEHASH = 0xcdca950b17b5efc016b74b912d8527dfba5e404a688cbc3dab16cb943287fec2;
+
+    address public immutable COMPACT_CONTRACT;
+    uint256 public immutable MIN_WITHDRAWAL_DELAY;
+    uint256 public immutable MAX_WITHDRAWAL_DELAY;
+
+    /// @dev mapping of tokenHash to the expiration of the lock
+    mapping(bytes32 tokenHash => uint256 expiration) internal _claim;
+    /// @dev mapping of tokenHash to the amount of the lock
+    mapping(bytes32 tokenHash => uint256 amount) internal _amount;
+    /// @dev mapping of tokenHash to the nonce of the lock
+    mapping(bytes32 tokenHash => uint256 nonce) internal _nonce;
+    /// @dev mapping of the lock digest to the tokenHash of the lock
+    mapping(bytes32 digest => bytes32 tokenHash) internal _sponsor;
+
+    constructor(address compactContract_, uint256 minWithdrawalDelay_, uint256 maxWithdrawalDelay_) {
+        COMPACT_CONTRACT = compactContract_;
+        MIN_WITHDRAWAL_DELAY = minWithdrawalDelay_;
+        MAX_WITHDRAWAL_DELAY = maxWithdrawalDelay_;
+
+        ITheCompact(COMPACT_CONTRACT).__registerAllocator(address(this), '');
+    }
+
+    /// @inheritdoc ISimpleAllocator
+    function lock(Compact calldata compact_) external {
+        bytes32 tokenHash = _checkAllocation(compact_, true);
+
+        bytes32 digest = keccak256(
+            abi.encodePacked(
+                bytes2(0x1901),
+                ITheCompact(COMPACT_CONTRACT).DOMAIN_SEPARATOR(),
+                keccak256(
+                    abi.encode(
+                        COMPACT_TYPEHASH,
+                        compact_.arbiter,
+                        compact_.sponsor,
+                        compact_.nonce,
+                        compact_.expires,
+                        compact_.id,
+                        compact_.amount
+                    )
+                )
+            )
+        );
+
+        _claim[tokenHash] = compact_.expires;
+        _amount[tokenHash] = compact_.amount;
+        _nonce[tokenHash] = compact_.nonce;
+        _sponsor[digest] = tokenHash;
+
+        emit Locked(compact_.sponsor, compact_.id, compact_.amount, compact_.expires);
+    }
+
+    /// @inheritdoc IAllocator
+    function attest(address, address from_, address, uint256 id_, uint256 amount_) external view returns (bytes4) {
+        if (msg.sender != COMPACT_CONTRACT) {
+            revert InvalidCaller(msg.sender, COMPACT_CONTRACT);
+        }
+        uint256 balance = ERC6909(COMPACT_CONTRACT).balanceOf(from_, id_);
+        // Check unlocked balance
+        bytes32 tokenHash = _getTokenHash(id_, from_);
+
+        uint256 fullAmount = amount_;
+        if (_claim[tokenHash] > block.timestamp) {
+            // Lock is still active, add the locked amount if the nonce has not yet been consumed
+            fullAmount += ITheCompact(COMPACT_CONTRACT).hasConsumedAllocatorNonce(_nonce[tokenHash], address(this))
+                ? 0
+                : _amount[tokenHash];
+        }
+        if (balance < fullAmount) {
+            revert InsufficientBalance(from_, id_, balance, fullAmount);
+        }
+
+        return this.attest.selector;
+    }
+
+    /// @inheritdoc IERC1271
+    /// @dev we trust the compact contract to check the nonce is not already consumed
+    function isValidSignature(bytes32 hash, bytes calldata) external view returns (bytes4 magicValue) {
+        // The hash is the digest of the compact
+        bytes32 tokenHash = _sponsor[hash];
+        if (tokenHash == bytes32(0) || _claim[tokenHash] <= block.timestamp) {
+            revert InvalidLock(hash, _claim[tokenHash]);
+        }
+
+        return IERC1271.isValidSignature.selector;
+    }
+
+    /// @inheritdoc ISimpleAllocator
+    function checkTokensLocked(uint256 id_, address sponsor_)
+        external
+        view
+        returns (uint256 amount_, uint256 expires_)
+    {
+        bytes32 tokenHash = _getTokenHash(id_, sponsor_);
+        uint256 expires = _claim[tokenHash];
+        if (
+            expires <= block.timestamp
+                || ITheCompact(COMPACT_CONTRACT).hasConsumedAllocatorNonce(_nonce[tokenHash], address(this))
+        ) {
+            return (0, 0);
+        }
+
+        return (_amount[tokenHash], expires);
+    }
+
+    /// @inheritdoc ISimpleAllocator
+    function checkCompactLocked(Compact calldata compact_) external view returns (bool locked_, uint256 expires_) {
+        bytes32 tokenHash = _getTokenHash(compact_.id, compact_.sponsor);
+        bytes32 digest = keccak256(
+            abi.encodePacked(
+                bytes2(0x1901),
+                ITheCompact(COMPACT_CONTRACT).DOMAIN_SEPARATOR(),
+                keccak256(
+                    abi.encode(
+                        COMPACT_TYPEHASH,
+                        compact_.arbiter,
+                        compact_.sponsor,
+                        compact_.nonce,
+                        compact_.expires,
+                        compact_.id,
+                        compact_.amount
+                    )
+                )
+            )
+        );
+        uint256 expires = _claim[tokenHash];
+        bool active = _sponsor[digest] == tokenHash && expires > block.timestamp
+            && !ITheCompact(COMPACT_CONTRACT).hasConsumedAllocatorNonce(_nonce[tokenHash], address(this));
+        if (active) {
+            (ForcedWithdrawalStatus status, uint256 forcedWithdrawalAvailableAt) =
+                ITheCompact(COMPACT_CONTRACT).getForcedWithdrawalStatus(compact_.sponsor, compact_.id);
+            if (status == ForcedWithdrawalStatus.Enabled && forcedWithdrawalAvailableAt < expires) {
+                expires = forcedWithdrawalAvailableAt;
+                active = expires > block.timestamp;
+            }
+        }
+        return (active, active ? expires : 0);
+    }
+
+    function _getTokenHash(uint256 id_, address sponsor_) internal pure returns (bytes32) {
+        return keccak256(abi.encode(id_, sponsor_));
+    }
+
+    function _checkAllocation(Compact memory compact_, bool checkSponsor_) internal view returns (bytes32) {
+        // Check msg.sender is sponsor
+        if (checkSponsor_ && msg.sender != compact_.sponsor) {
+            revert InvalidCaller(msg.sender, compact_.sponsor);
+        }
+        bytes32 tokenHash = _getTokenHash(compact_.id, compact_.sponsor);
+        // Check no lock is already active for this sponsor
+        if (
+            _claim[tokenHash] > block.timestamp
+                && !ITheCompact(COMPACT_CONTRACT).hasConsumedAllocatorNonce(_nonce[tokenHash], address(this))
+        ) {
+            revert ClaimActive(compact_.sponsor);
+        }
+        // Check expiration is not too soon or too late
+        if (
+            compact_.expires < block.timestamp + MIN_WITHDRAWAL_DELAY
+                || compact_.expires > block.timestamp + MAX_WITHDRAWAL_DELAY
+        ) {
+            revert InvalidExpiration(compact_.expires);
+        }
+        (, address allocator, ResetPeriod resetPeriod,) = ITheCompact(COMPACT_CONTRACT).getLockDetails(compact_.id);
+        if (allocator != address(this)) {
+            revert InvalidAllocator(allocator);
+        }
+        // Check expiration is not longer then the tokens forced withdrawal time
+        if (compact_.expires > block.timestamp + _resetPeriodToSeconds(resetPeriod)) {
+            revert ForceWithdrawalAvailable(compact_.expires, block.timestamp + _resetPeriodToSeconds(resetPeriod));
+        }
+        // Check expiration is not past an active force withdrawal
+        (, uint256 forcedWithdrawalExpiration) =
+            ITheCompact(COMPACT_CONTRACT).getForcedWithdrawalStatus(compact_.sponsor, compact_.id);
+        if (forcedWithdrawalExpiration != 0 && forcedWithdrawalExpiration < compact_.expires) {
+            revert ForceWithdrawalAvailable(compact_.expires, forcedWithdrawalExpiration);
+        }
+        // Check nonce is not yet consumed
+        if (ITheCompact(COMPACT_CONTRACT).hasConsumedAllocatorNonce(compact_.nonce, address(this))) {
+            revert NonceAlreadyConsumed(compact_.nonce);
+        }
+
+        uint256 balance = ERC6909(COMPACT_CONTRACT).balanceOf(compact_.sponsor, compact_.id);
+        // Check balance is enough
+        if (balance < compact_.amount) {
+            revert InsufficientBalance(compact_.sponsor, compact_.id, balance, compact_.amount);
+        }
+
+        return tokenHash;
+    }
+
+    /// @dev copied from IdLib.sol
+    function _resetPeriodToSeconds(ResetPeriod resetPeriod_) internal pure returns (uint256 duration) {
+        assembly ("memory-safe") {
+            // Bitpacked durations in 24-bit segments:
+            // 278d00  094890  015180  000f3c  000258  00003c  00000f  000001
+            // 30 days 7 days  1 day   1 hour  10 min  1 min   15 sec  1 sec
+            let bitpacked := 0x278d00094890015180000f3c00025800003c00000f000001
+
+            // Shift right by period * 24 bits & mask the least significant 24 bits.
+            duration := and(shr(mul(resetPeriod_, 24), bitpacked), 0xffffff)
+        }
+        return duration;
+    }
+}

src/allocators/types/TribunalStructs.sol

@@ -0,0 +1,25 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.27;
+
+import {Compact} from '@uniswap/the-compact/types/EIP712Types.sol';
+
+struct Claim {
+    uint256 chainId; // Claim processing chain ID
+    Compact compact;
+    bytes sponsorSignature; // Authorization from the sponsor
+    bytes allocatorSignature; // Authorization from the allocator
+}
+
+struct Mandate {
+    // uint256 chainId; // (implicit arg, included in EIP712 payload).
+    // address tribunal; // (implicit arg, included in EIP712 payload).
+    address recipient; // Recipient of filled tokens.
+    uint256 expires; // Mandate expiration timestamp.
+    address token; // Fill token (address(0) for native).
+    uint256 minimumAmount; // Minimum fill amount.
+    uint256 baselinePriorityFee; // Base fee threshold where scaling kicks in.
+    uint256 scalingFactor; // Fee scaling multiplier (1e18 baseline).
+    uint256[] decayCurve; // Block durations, fill increases, & claim decreases.
+    bytes32 salt; // Replay protection parameter.
+}