rkalis
commented
2 years ago Why are you specifying a custom address? What happens when you omit it?
Closed rocketvilas closed 2 years ago
rkalis
commented
2 years ago Why are you specifying a custom address? What happens when you omit it?
rocketvilas
commented
2 years ago Why are you specifying a custom address? What happens when you omit it?
It gives the same error, I was just trying it by giving custom address(This address is the actual contract address).
rkalis
commented
2 years ago Ah I see. Is it an option for you to update the Solidity version to something more recent version (e.g. 0.8.x). That may help. It's always very difficult to debug specific verification issues, so sometimes it's better to try some easier steps first.
Also does it work when you install truffle-plugin-verify@legacy?
rocketvilas
commented
2 years ago Still no luck, getting the same error.
rkalis
commented
2 years ago Hmm alright. Do you have a repository where I can reproduce the issue?
rocketvilas
commented
2 years ago Thanks for the help man, it worked. I redeployed the contract and it got verified.
truffle run verify DecentralizedAutonomousTrust@0xfa1B723C90927650b142a2c4a12644321C168d03 --network ropsten --debug DEBUG logging is turned ON Running truffle-plugin-verify v0.5.18 Retrieving network's chain ID Verifying DecentralizedAutonomousTrust@0xfa1B723C90927650b142a2c4a12644321C168d03 Reading artifact file at /Users/vilasmalhotra/Desktop/fairmint-c-org/build/contracts/DecentralizedAutonomousTrust.json Custom address 0xfa1B723C90927650b142a2c4a12644321C168d03 specified Retrieving constructor parameters from https://api-ropsten.etherscan.io/api?apiKey=WNDWXXAEHAVW4YC7GFZ3FI66WGWQIIZXZT&module=account&action=txlist&address=0xfa1B723C90927650b142a2c4a12644321C168d03&page=1&sort=asc&offset=1 Constructor parameters retrieved: 0x Sending verify request with POST arguments: { "apikey": "WNDWXXAEHAVW4YC7GFZ3FI66WGWQIIZXZT", "module": "contract", "action": "verifysourcecode", "contractaddress": "0xfa1B723C90927650b142a2c4a12644321C168d03", "sourceCode": "{\"language\":\"Solidity\",\"sources\":{\"/contracts/DecentralizedAutonomousTrust.sol\":{\"content\":\"pragma solidity 0.5.17;\n\nimport \\"./ContinuousOffering.sol\\";\n\n/\n @title Decentralized Autonomous Trust\n This contract is the reference implementation provided by Fairmint for a\n Decentralized Autonomous Trust as described in the continuous\n organization whitepaper (https://github.com/c-org/whitepaper) and\n specified here: https://github.com/fairmint/c-org/wiki. Use at your own\n risk. If you have question or if you're looking for a ready-to-use\n solution using this contract, you might be interested in Fairmint's\n offering. Do not hesitate to get in touch with us: https://fairmint.co\\n /\ncontract DecentralizedAutonomousTrust is ContinuousOffering {\n event Close(uint _exitFee);\n event Pay(address indexed _from, uint _currencyValue);\n event UpdateConfig(\n address _whitelistAddress,\n address indexed _beneficiary,\n address indexed _control,\n address indexed _feeCollector,\n uint _revenueCommitmentBasisPoints,\n uint _feeBasisPoints,\n uint _minInvestment,\n uint _minDuration\n );\n\n /// @notice The revenue commitment of the organization. Defines the percentage of the value paid through the contract\n /// that is automatically funneled and held into the buyback_reserve expressed in basis points.\n /// Internal since this is n/a to all derivative contracts.\n function revenueCommitmentBasisPoints() public view returns (uint) {\n return __revenueCommitmentBasisPoints;\n }\n\n /// @notice The investment reserve of the c-org. Defines the percentage of the value invested that is\n /// automatically funneled and held into the buyback_reserve expressed in basis points.\n /// Internal since this is n/a to all derivative contracts.\n function investmentReserveBasisPoints() public view returns (uint) {\n return investmentReserveBasisPoints;\n }\n\n /// @notice Initialized at
0and updated when the contract switches frominitstate torunstate\n /// with the current timestamp.\n function runStartedOn() public view returns (uint) {\n return startedOn;\n }\n\n function initialize(\n uint _initReserve,\n address _currencyAddress,\n uint _initGoal,\n uint _buySlopeNum,\n uint _buySlopeDen,\n uint _investmentReserveBasisPoints,\n uint _setupFee,\n address payable _setupFeeRecipient,\n string memory _name,\n string memory _symbol\n ) public\n {\n // _initialize will enforce this is only called once\n super._initialize(\n _initReserve,\n _currencyAddress,\n _initGoal,\n _buySlopeNum,\n _buySlopeDen,\n _setupFee,\n _setupFeeRecipient,\n _name,\n _symbol\n );\n\n // Set initGoal, which in turn defines the initial state\n if(_initGoal == 0)\n {\n emit StateChange(state, STATE_RUN);\n state = STATE_RUN;\n startedOn = block.timestamp;\n }\n else\n {\n // Math: If this value got too large, the DAT would overflow on sell\n require(_initGoal < MAX_SUPPLY, \\"EXCESSIVE_GOAL\\");\n initGoal = _initGoal;\n }\n\n // 100% or less\n require(_investmentReserveBasisPoints <= BASIS_POINTS_DEN, \\"INVALID_RESERVE\\");\n investmentReserveBasisPoints = _investmentReserveBasisPoints;\n }\n\n /// Close\n\n function estimateExitFee(uint _msgValue) public view returns (uint) {\n uint exitFee;\n\n if (state == STATE_RUN) {\n uint reserve = buybackReserve();\n reserve = reserve.sub(_msgValue);\n\n // Source: t(t+b)(n/d)-r\n // Implementation: (b n t)/d + (n t^2)/d - r\n\n uint _totalSupply = totalSupply();\n\n // Math worst case:\n // MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE/2 MAX_BEFORE_SQUARE\n exitFee = BigDiv.bigDiv2x1(\n _totalSupply,\n burnedSupply buySlopeNum,\n buySlopeDen\n );\n // Math worst case:\n // MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE\n exitFee += BigDiv.bigDiv2x1(\n _totalSupply,\n buySlopeNum * _totalSupply,\n buySlopeDen\n );\n // Math: this if condition avoids a potential overflow\n if (exitFee <= reserve) {\n exitFee = 0;\n } else {\n exitFee -= reserve;\n }\n }\n\n return exitFee;\n }\n\n /// @notice Called by the beneficiary account to STATE_CLOSE or STATE_CANCEL the c-org,\n /// preventing any more tokens from being minted.\n /// @dev Requires anexitFeeto be paid. If the currency is ETH, include a little more than\n /// what appears to be required and any remainder will be returned to your account. This is\n /// because another user may have a transaction mined which changes the exitFee required.\n /// For othercurrencytypes, the beneficiary account will be billed the exact amount required.\n function close() public payable {\n uint exitFee = 0;\n\n if (state == STATE_RUN) {\n exitFee = estimateExitFee(msg.value);\n _collectInvestment(msg.sender, exitFee, msg.value, true);\n }\n\n super._close();\n emit Close(exitFee);\n }\n\n /// Pay\n\n /// @dev Pay the organization on-chain.\n /// @param _currencyValue How much currency which was paid.\n function pay(uint _currencyValue) public payable {\n _collectInvestment(msg.sender, _currencyValue, msg.value, false);\n require(state == STATE_RUN, \\"INVALID_STATE\\");\n require(_currencyValue > 0, \\"MISSING_CURRENCY\\");\n\n // Send a portion of the funds to the beneficiary, the rest is added to the buybackReserve\n // Math: if _currencyValue is < (2^256 - 1) / 10000 this will not overflow\n uint reserve = _currencyValue.mul(revenueCommitmentBasisPoints);\n reserve /= BASIS_POINTS_DEN;\n\n // Math: this will never underflow since revenueCommitmentBasisPoints is capped to BASIS_POINTS_DEN\n _transferCurrency(beneficiary, _currencyValue - reserve);\n\n emit Pay(msg.sender, _currencyValue);\n }\n\n /// @notice Pay the organization on-chain without minting any tokens.\n /// @dev This allows you to add funds directly to the buybackReserve.\n function() external payable {\n require(address(currency) == address(0), \\"ONLY_FOR_CURRENCY_ETH\\");\n }\n\n function updateConfig(\n address _whitelistAddress,\n address payable _beneficiary,\n address _control,\n address payable _feeCollector,\n uint _feeBasisPoints,\n uint _revenueCommitmentBasisPoints,\n uint _minInvestment,\n uint _minDuration\n ) public {\n _updateConfig(\n _whitelistAddress,\n _beneficiary,\n _control,\n _feeCollector,\n _feeBasisPoints,\n _minInvestment,\n _minDuration\n );\n\n require(\n _revenueCommitmentBasisPoints <= BASIS_POINTS_DEN,\n \\"INVALID_COMMITMENT\\"\n );\n require(\n _revenueCommitmentBasisPoints >= revenueCommitmentBasisPoints,\n \\"COMMITMENT_MAY_NOT_BE_REDUCED\\"\n );\n revenueCommitmentBasisPoints = _revenueCommitmentBasisPoints;\n\n emit UpdateConfig(\n _whitelistAddress,\n _beneficiary,\n _control,\n _feeCollector,\n _revenueCommitmentBasisPoints,\n _feeBasisPoints,\n _minInvestment,\n _minDuration\n );\n }\n\n /// @notice A temporary function to setrunStartedOn, to be used by contracts which were\n /// already deployed before this feature was introduced.\n /// @dev This function will be removed once known users have called the function.\n function initializeRunStartedOn(\n uint _runStartedOn\n ) external\n {\n require(msg.sender == control, \\"CONTROL_ONLY\\");\n require(state == STATE_RUN, \\"ONLY_CALL_IN_RUN\\");\n require(startedOn == 0, \\"ONLY_CALL_IF_NOT_AUTO_SET\\");\n require(_runStartedOn <= block.timestamp, \\"DATE_MUST_BE_IN_PAST\\");\n\n startedOn = _runStartedOn;\n }\n\n /// @dev Distributes _value currency between the buybackReserve, beneficiary, and feeCollector.\n function _distributeInvestment(\n uint _value\n ) internal\n {\n // Rounding favors buybackReserve, then beneficiary, and feeCollector is last priority.\n\n // Math: if investment value is < (2^256 - 1) / 10000 this will never overflow.\n // Except maybe with a huge single investment, but they can try again with multiple smaller investments.\n uint reserve = investmentReserveBasisPoints.mul(_value);\n reserve /= BASIS_POINTS_DEN;\n reserve = _value.sub(reserve);\n uint fee = reserve.mul(feeBasisPoints);\n fee /= BASIS_POINTS_DEN;\n\n // Math: since feeBasisPoints is <= BASIS_POINTS_DEN, this will never underflow.\n _transferCurrency(beneficiary, reserve - fee);\n _transferCurrency(feeCollector, fee);\n }\n}\n\"},\"/contracts/math/Sqrt.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\n/*\n @title Calculates the square root of a given value.\n @dev Results may be off by 1.\n /\nlibrary Sqrt {\n /// @notice The max possible value\n uint private constant MAX_UINT = 2256 - 1;\n\n // Source: https://github.com/ethereum/dapp-bin/pull/50\\n function sqrt(uint x) internal pure returns (uint y) {\n if (x == 0) {\n return 0;\n } else if (x <= 3) {\n return 1;\n } else if (x == MAX_UINT) {\n // Without this we fail on x + 1 below\n return 2128 - 1;\n }\n\n uint z = (x + 1) / 2;\n y = x;\n while (z < y) {\n y = z;\n z = (x / z + z) / 2;\n }\n }\n}\n\"},\"/contracts/math/BigDiv.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\nimport \\"@openzeppelin/contracts-ethereum-package/contracts/math/SafeMath.sol\\";\n\n/\n @title Reduces the size of terms before multiplication, to avoid an overflow, and then\n restores the proper size after division.\n @notice This effectively allows us to overflow values in the numerator and/or denominator\n of a fraction, so long as the end result does not overflow as well.\n @dev Results may be off by 1 + 0.000001% for 2x1 calls and 2 + 0.00001% for 2x2 calls.\n Do not use if your contract expects very small result values to be accurate.\n /\nlibrary BigDiv {\n using SafeMath for uint;\n\n /// @notice The max possible value\n uint private constant MAX_UINT = 2256 - 1;\n\n /// @notice When multiplying 2 terms <= this value the result won't overflow\n uint private constant MAX_BEFORE_SQUARE = 2128 - 1;\n\n /// @notice The max error target is off by 1 plus up to 0.000001% error\n /// for bigDiv2x1 and that ` 2for bigDiv2x2\\n uint private constant MAX_ERROR = 100000000;\\n\\n /// @notice A larger error threshold to use when multiple rounding errors may apply\\n uint private constant MAX_ERROR_BEFORE_DIV = MAX_ERROR * 2;\\n\\n /**\\n * @notice Returns the approx result ofa b / d` so long as the result is <= MAX_UINT\n @param _numA the first numerator term\n @param _numB the second numerator term\n @param _den the denominator\n @return the approx result with up to off by 1 + MAX_ERROR, rounding down if needed\n /\n function bigDiv2x1(\n uint _numA,\n uint _numB,\n uint _den\n ) internal pure returns (uint) {\n if (_numA == 0 || _numB == 0) {\n // would div by 0 or underflow if we don't special case 0\n return 0;\n }\n\n uint value;\n\n if (MAX_UINT / _numA >= _numB) {\n // ab does not overflow, return exact math\n value = _numA _numB;\n value /= _den;\n return value;\n }\n\n // Sort numerators\n uint numMax = _numB;\n uint numMin = _numA;\n if (_numA > _numB) {\n numMax = _numA;\n numMin = _numB;\n }\n\n value = numMax / _den;\n if (value > MAX_ERROR) {\n // _den is small enough to be MAX_ERROR or better w/o a factor\n value = value.mul(numMin);\n return value;\n }\n\n // formula = ((a / f) b) / (d / f)\n // factor >= a / sqrt(MAX) (b / sqrt(MAX))\n uint factor = numMin - 1;\n factor /= MAX_BEFORE_SQUARE;\n factor += 1;\n uint temp = numMax - 1;\n temp /= MAX_BEFORE_SQUARE;\n temp += 1;\n if (MAX_UINT / factor >= temp) {\n factor = temp;\n value = numMax / factor;\n if (value > MAX_ERROR_BEFORE_DIV) {\n value = value.mul(numMin);\n temp = _den - 1;\n temp /= factor;\n temp = temp.add(1);\n value /= temp;\n return value;\n }\n }\n\n // formula: (a / (d / f)) (b / f)\n // factor: b / sqrt(MAX)\n factor = numMin - 1;\n factor /= MAX_BEFORE_SQUARE;\n factor += 1;\n value = numMin / factor;\n temp = _den - 1;\n temp /= factor;\n temp += 1;\n temp = numMax / temp;\n value = value.mul(temp);\n return value;\n }\n\n /\n @notice Returns the approx result of `a b / d` so long as the result is <= MAX_UINT\n @param _numA the first numerator term\n @param _numB the second numerator term\n @param _den the denominator\n @return the approx result with up to off by 1 + MAX_ERROR, rounding down if needed\n @dev roundUp is implemented by first rounding down and then adding the max error to the result\n /\n function bigDiv2x1RoundUp(\n uint _numA,\n uint _numB,\n uint _den\n ) internal pure returns (uint) {\n // first get the rounded down result\n uint value = bigDiv2x1(_numA, _numB, _den);\n\n if (value == 0) {\n // when the value rounds down to 0, assume up to an off by 1 error\n return 1;\n }\n\n // round down has a max error of MAX_ERROR, add that to the result\n // for a round up error of <= MAX_ERROR\n uint temp = value - 1;\n temp /= MAX_ERROR;\n temp += 1;\n if (MAX_UINT - value < temp) {\n // value + error would overflow, return MAX\n return MAX_UINT;\n }\n\n value += temp;\n\n return value;\n }\n\n /\n @notice Returns the approx result of `a b / (c d)` so long as the result is <= MAX_UINT\n @param _numA the first numerator term\n @param _numB the second numerator term\n @param _denA the first denominator term\n @param _denB the second denominator term\n @return the approx result with up to off by 2 + MAX_ERROR10 error, rounding down if needed\n @dev this uses bigDiv2x1 and adds additional rounding error so the max error of this\n formula is larger\n /\n function bigDiv2x2(\n uint _numA,\n uint _numB,\n uint _denA,\n uint _denB\n ) internal pure returns (uint) {\n if (MAX_UINT / _denA >= _denB) {\n // denAdenB does not overflow, use bigDiv2x1 instead\n return bigDiv2x1(_numA, _numB, _denA _denB);\n }\n\n if (_numA == 0 || _numB == 0) {\n // would div by 0 or underflow if we don't special case 0\n return 0;\n }\n\n // Sort denominators\n uint denMax = _denB;\n uint denMin = _denA;\n if (_denA > _denB) {\n denMax = _denA;\n denMin = _denB;\n }\n\n uint value;\n\n if (MAX_UINT / _numA >= _numB) {\n // ab does not overflow, usea / d / c\n value = _numA _numB;\n value /= denMin;\n value /= denMax;\n return value;\n }\n\n //ab / cdwhere bothabandcdwould overflow\n\n // Sort numerators\n uint numMax = _numB;\n uint numMin = _numA;\n if (_numA > _numB) {\n numMax = _numA;\n numMin = _numB;\n }\n\n // formula = (a/d) b / c\n uint temp = numMax / denMin;\n if (temp > MAX_ERROR_BEFORE_DIV) {\n return bigDiv2x1(temp, numMin, denMax);\n }\n\n // formula: ((a/f) b) / d then either f / c or / c f\n // factor >= a / sqrt(MAX) (b / sqrt(MAX))\n uint factor = numMin - 1;\n factor /= MAX_BEFORE_SQUARE;\n factor += 1;\n temp = numMax - 1;\n temp /= MAX_BEFORE_SQUARE;\n temp += 1;\n if (MAX_UINT / factor >= temp) {\n factor = temp;\n\n value = numMax / factor;\n if (value > MAX_ERROR_BEFORE_DIV) {\n value = value.mul(numMin);\n value /= denMin;\n if (value > 0 && MAX_UINT / value >= factor) {\n value = factor;\n value /= denMax;\n return value;\n }\n }\n }\n\n // formula: (a/f) b / ((cd)/f)\n // factor >= c / sqrt(MAX) (d / sqrt(MAX))\n factor = denMin;\n factor /= MAX_BEFORE_SQUARE;\n temp = denMax;\n // + 1 here prevents overflow of factortemp\n temp /= MAX_BEFORE_SQUARE + 1;\n factor = temp;\n return bigDiv2x1(numMax / factor, numMin, MAX_UINT);\n }\n}\n\"},\"/contracts/interfaces/IWhitelist.sol\":{\"content\":\"pragma solidity 0.5.17;\n\n/\n Source: https://raw.githubusercontent.com/simple-restricted-token/reference-implementation/master/contracts/token/ERC1404/ERC1404.sol\\n With ERC-20 APIs removed (will be implemented as a separate contract).\n And adding authorizeTransfer.\n /\ninterface IWhitelist {\n /\n @notice Detects if a transfer will be reverted and if so returns an appropriate reference code\n @param from Sending address\n @param to Receiving address\n @param value Amount of tokens being transferred\n @return Code by which to reference message for rejection reasoning\n @dev Overwrite with your custom transfer restriction logic\n */\n function detectTransferRestriction(\n address from,\n address to,\n uint value\n ) external view returns (uint8);\n\n /\n @notice Returns a human-readable message for a given restriction code\n @param restrictionCode Identifier for looking up a message\n @return Text showing the restriction's reasoning\n @dev Overwrite with your custom message and restrictionCode handling\n */\n function messageForTransferRestriction(uint8 restrictionCode)\n external\n pure\n returns (string memory);\n\n /*\n @notice Called by the DAT contract before a transfer occurs.\n @dev This call will revert when the transfer is not authorized.\n This is a mutable call to allow additional data to be recorded,\n such as when the user aquired their tokens.\n /\n function authorizeTransfer(\n address _from,\n address _to,\n uint _value,\n bool _isSell\n ) external;\n\n function walletActivated(\n address _wallet\n ) external returns(bool);\n}\n\"},\"/contracts/interfaces/IERC20Detailed.sol\":{\"content\":\"pragma solidity 0.5.17;\n\ninterface IERC20Detailed {\n /\n @dev Returns the number of decimals used to get its user representation.\n For example, ifdecimalsequals2, a balance of505tokens should\n * be displayed to a user as5,05(505 / 10 ** 2).\n \n Tokens usually opt for a value of 18, imitating the relationship between\n Ether and Wei.\n \n NOTE: This information is only used for display purposes: it in\n no way affects any of the arithmetic of the contract, including\n {IERC20-balanceOf} and {IERC20-transfer}.\n /\n function decimals() external view returns (uint8);\n}\n\"},\"/contracts/ContinuousOffering.sol\":{\"content\":\"pragma solidity 0.5.17;\n\nimport \\"./interfaces/IWhitelist.sol\\";\nimport \\"./interfaces/IERC20Detailed.sol\\";\nimport \\"./math/BigDiv.sol\\";\nimport \\"./math/Sqrt.sol\\";\nimport \\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/IERC20.sol\\";\nimport \\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/SafeERC20.sol\\";\nimport \\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/ERC20.sol\\";\nimport \\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/ERC20Detailed.sol\\";\nimport \\"@openzeppelin/contracts-ethereum-package/contracts/math/SafeMath.sol\\";\nimport \\"@openzeppelin/contracts-ethereum-package/contracts/utils/Address.sol\\";\n\n\n/\n @title Continuous Offering abstract contract\n @notice A shared base for various offerings from Fairmint.\n */\ncontract ContinuousOffering\n is ERC20, ERC20Detailed\n{\n using SafeMath for uint;\n using Sqrt for uint;\n using SafeERC20 for IERC20;\n\n /\n Events\n /\n\n event Buy(\n address indexed _from,\n address indexed _to,\n uint _currencyValue,\n uint _fairValue\n );\n event Sell(\n address indexed _from,\n address indexed _to,\n uint _currencyValue,\n uint _fairValue\n );\n event Burn(\n address indexed _from,\n uint _fairValue\n );\n event StateChange(\n uint _previousState,\n uint _newState\n );\n\n /\n Constants\n /\n\n /// @notice The default state\n uint internal constant STATE_INIT = 0;\n\n /// @notice The state after initGoal has been reached\n uint internal constant STATE_RUN = 1;\n\n /// @notice The state after closed by thebeneficiaryaccount from STATE_RUN\n uint internal constant STATE_CLOSE = 2;\n\n /// @notice The state after closed by thebeneficiaryaccount from STATE_INIT\n uint internal constant STATE_CANCEL = 3;\n\n /// @notice When multiplying 2 terms, the max value is 2^128-1\n uint internal constant MAX_BEFORE_SQUARE = 2128 - 1;\n\n /// @notice The denominator component for values specified in basis points.\n uint internal constant BASIS_POINTS_DEN = 10000;\n\n /// @notice The maxtotalSupply() + burnedSupply\n /// @dev This limit ensures that the DAT's formulas do not overflow (<MAX_BEFORE_SQUARE/2)\n uint internal constant MAX_SUPPLY = 10 38;\n\n /\n Data specific to our token business logic\n /\n\n /// @notice The contract for transfer authorizations, if any.\n IWhitelist public whitelist;\n\n /// @notice The total number of burned FAIR tokens, excluding tokens burned from aSellaction in the DAT.\n uint public burnedSupply;\n\n /\n Data for DAT business logic\n /\n\n /// @dev unused slot which remains to ensure compatible upgrades\n bool private autoBurn;\n\n /// @notice The address of the beneficiary organization which receives the investments.\n /// Points to the wallet of the organization.\n address payable public beneficiary;\n\n /// @notice The buy slope of the bonding curve.\n /// Does not affect the financial model, only the granularity of FAIR.\n /// @dev This is the numerator component of the fractional value.\n uint public buySlopeNum;\n\n /// @notice The buy slope of the bonding curve.\n /// Does not affect the financial model, only the granularity of FAIR.\n /// @dev This is the denominator component of the fractional value.\n uint public buySlopeDen;\n\n /// @notice The address from which the updatable variables can be updated\n address public control;\n\n /// @notice The address of the token used as reserve in the bonding curve\n /// (e.g. the DAI contract). Use ETH if 0.\n IERC20 public currency;\n\n /// @notice The address where fees are sent.\n address payable public feeCollector;\n\n /// @notice The percent fee collected each time new FAIR are issued expressed in basis points.\n uint public feeBasisPoints;\n\n /// @notice The initial fundraising goal (expressed in FAIR) to start the c-org.\n ///0means that there is no initial fundraising and the c-org immediately moves to run state.\n uint public initGoal;\n\n /// @notice A map with all investors in init state using address as a key and amount as value.\n /// @dev This structure's purpose is to make sure that only investors can withdraw their money if init_goal is not reached.\n mapping(address => uint) public initInvestors;\n\n /// @notice The initial number of FAIR created at initialization for the beneficiary.\n /// Technically however, this variable is not a constant as we must always have\n ///init_reserve>=total_supply+burnt_supplywhich means thatinit_reservewill be automatically\n /// decreased to equaltotal_supply+burnt_supplyin caseinit_reserve>total_supply+burnt_supply\n /// after an investor sells his FAIRs.\n /// @dev Organizations may move these tokens into vesting contract(s)\n uint public initReserve;\n\n /// @notice The investment reserve of the c-org. Defines the percentage of the value invested that is\n /// automatically funneled and held into the buyback_reserve expressed in basis points.\n /// Internal since this is n/a to all derivative contracts.\n uint internal investmentReserveBasisPoints;\n\n /// @dev unused slot which remains to ensure compatible upgrades\n uint private openUntilAtLeast;\n\n /// @notice The minimum amount ofcurrencyinvestment accepted.\n uint public minInvestment;\n\n /// @dev The revenue commitment of the organization. Defines the percentage of the value paid through the contract\n /// that is automatically funneled and held into the buyback_reserve expressed in basis points.\n /// Internal since this is n/a to all derivative contracts.\n uint internal revenueCommitmentBasisPoints;\n\n /// @notice The current state of the contract.\n /// @dev See the constants above for possible state values.\n uint public state;\n\n /// @dev If this value changes we need to reconstruct the DOMAIN_SEPARATOR\n string public constant version = \\"3\\";\n // --- EIP712 niceties ---\n // Original source: https://etherscan.io/address/0x6b175474e89094c44da98b954eedeac495271d0f#code\\n mapping (address => uint) public nonces;\n bytes32 public DOMAIN_SEPARATOR;\n // keccak256(\\"Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)\\");\n bytes32 public constant PERMIT_TYPEHASH = 0x6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c9;\n\n // The success fee (expressed in currency) that will be earned by setupFeeRecipient as soon as initGoal\n // is reached. We must have setup_fee <= buy_slope*init_goal^(2)/2\n uint public setupFee;\n\n // The recipient of the setup_fee once init_goal is reached\n address payable public setupFeeRecipient;\n\n /// @notice The minimum time before which the c-org contract cannot be closed once the contract has\n /// reached therunstate.\n /// @dev When updated, the new value ofminimum_durationcannot be earlier than the previous value.\n uint public minDuration;\n\n /// @dev Initialized at0and updated when the contract switches frominitstate torunstate\n /// or when the initial trial period ends.\n uint public __startedOn;\n\n /// @notice The max possible value\n uint internal constant MAX_UINT = 2256 - 1;\n\n // keccak256(\\"PermitBuy(address from,address to,uint256 currencyValue,uint256 minTokensBought,uint256 nonce,uint256 deadline)\\");\n bytes32 public constant PERMIT_BUY_TYPEHASH = 0xaf42a244b3020d6a2253d9f291b4d3e82240da42b22129a8113a58aa7a3ddb6a;\n\n // keccak256(\\"PermitSell(address from,address to,uint256 quantityToSell,uint256 minCurrencyReturned,uint256 nonce,uint256 deadline)\\");\n bytes32 public constant PERMIT_SELL_TYPEHASH = 0x5dfdc7fb4c68a4c249de5e08597626b84fbbe7bfef4ed3500f58003e722cc548;\n\n modifier authorizeTransfer(\n address _from,\n address _to,\n uint _value,\n bool _isSell\n )\n {\n if(address(whitelist) != address(0))\n {\n // This is not set for the minting of initialReserve\n whitelist.authorizeTransfer(_from, _to, _value, isSell);\n }\n ;\n }\n\n /\n Buyback reserve\n /\n\n /// @notice The total amount of currency value currently locked in the contract and available to sellers.\n function buybackReserve() public view returns (uint)\n {\n uint reserve = address(this).balance;\n if(address(currency) != address(0))\n {\n reserve = currency.balanceOf(address(this));\n }\n\n if(reserve > MAX_BEFORE_SQUARE)\n {\n /// Math: If the reserve becomes excessive, cap the value to prevent overflowing in other formulas\n return MAX_BEFORE_SQUARE;\n }\n\n return reserve;\n }\n\n /\n Functions required by the ERC-20 token standard\n /\n\n /// @dev Moves tokens from one account to another if authorized.\n function _transfer(\n address _from,\n address _to,\n uint _amount\n ) internal\n authorizeTransfer(_from, _to, _amount, false)\n {\n require(state != STATE_INIT || _from == beneficiary, \\"ONLY_BENEFICIARY_DURING_INIT\\");\n super._transfer(_from, _to, _amount);\n }\n\n /// @dev Removes tokens from the circulating supply.\n function _burn(\n address _from,\n uint _amount,\n bool _isSell\n ) internal\n authorizeTransfer(_from, address(0), _amount, _isSell)\n {\n super._burn(_from, _amount);\n\n if(!_isSell)\n {\n // This is a burn\n require(state == STATE_RUN, \\"INVALID_STATE\\");\n // SafeMath not required as we cap how high this value may get during mint\n burnedSupply += _amount;\n emit Burn(_from, _amount);\n }\n }\n\n /// @notice Called to mint tokens onbuy.\n function _mint(\n address _to,\n \n uint _quantity\n ) internal\n authorizeTransfer(address(0), _to, _quantity, false)\n {\n super._mint(_to, _quantity);\n\n // Math: If this value got too large, the DAT may overflow on sell\n require(totalSupply().add(burnedSupply) <= MAX_SUPPLY, \\"EXCESSIVE_SUPPLY\\");\n }\n\n /\n Transaction Helpers\n /\n\n /// @notice Confirms the transfer of_quantityToInvestcurrency to the contract.\n function _collectInvestment(\n address payable _from,\n uint _quantityToInvest,\n uint _msgValue,\n bool _refundRemainder\n ) internal\n {\n if(address(currency) == address(0))\n {\n // currency is ETH\n if(_refundRemainder)\n {\n // Math: if _msgValue was not sufficient then revert\n uint refund = _msgValue.sub(_quantityToInvest);\n if(refund > 0)\n {\n Address.sendValue(msg.sender, refund);\n }\n }\n else\n {\n require(_quantityToInvest == _msgValue, \\"INCORRECT_MSG_VALUE\\");\n }\n }\n else\n {\n // currency is ERC20\n require(_msgValue == 0, \\"DO_NOT_SEND_ETH\\");\n\n currency.safeTransferFrom(_from, address(this), _quantityToInvest);\n }\n }\n\n /// @dev Send_amountcurrency from the contract to the_toaccount.\n function _transferCurrency(\n address payable _to,\n uint _amount\n ) internal\n {\n if(_amount > 0)\n {\n if(address(currency) == address(0))\n {\n Address.sendValue(_to, _amount);\n }\n else\n {\n currency.safeTransfer(_to, _amount);\n }\n }\n }\n\n /\n Config / Control\n /\n\n /// @notice Called once after deploy to set the initial configuration.\n /// None of the values provided here may change once initially set.\n /// @dev using the init pattern in order to support zos upgrades\n function _initialize(\n uint _initReserve,\n address _currencyAddress,\n uint _initGoal,\n uint _buySlopeNum,\n uint _buySlopeDen,\n uint _setupFee,\n address payable _setupFeeRecipient,\n string memory _name,\n string memory _symbol\n ) internal\n {\n // The ERC-20 implementation will confirm initialize is only run once\n ERC20Detailed.initialize(_name, _symbol, 18);\n\n require(_buySlopeNum > 0, \\"INVALID_SLOPE_NUM\\");\n require(_buySlopeDen > 0, \\"INVALID_SLOPE_DEN\\");\n require(_buySlopeNum < MAX_BEFORE_SQUARE, \\"EXCESSIVE_SLOPE_NUM\\");\n require(_buySlopeDen < MAX_BEFORE_SQUARE, \\"EXCESSIVE_SLOPE_DEN\\");\n buySlopeNum = _buySlopeNum;\n buySlopeDen = _buySlopeDen;\n\n // Setup Fee\n require(_setupFee == 0 || _setupFeeRecipient != address(0), \\"MISSING_SETUP_FEE_RECIPIENT\\");\n require(_setupFeeRecipient == address(0) || _setupFee != 0, \\"MISSING_SETUP_FEE\\");\n // setup_fee <= (n/d)(g^2)/2\n uint initGoalInCurrency = _initGoal _initGoal;\n initGoalInCurrency = initGoalInCurrency.mul(_buySlopeNum);\n initGoalInCurrency /= 2 _buySlopeDen;\n require(_setupFee <= initGoalInCurrency, \\"EXCESSIVE_SETUP_FEE\\");\n setupFee = _setupFee;\n setupFeeRecipient = _setupFeeRecipient;\n\n // Set default values (which may be updated usingupdateConfig)\n uint decimals = 18;\n if(_currencyAddress != address(0))\n {\n decimals = IERC20Detailed(_currencyAddress).decimals();\n }\n minInvestment = 100 (10 decimals);\n beneficiary = msg.sender;\n control = msg.sender;\n feeCollector = msg.sender;\n\n // Save currency\n currency = IERC20(_currencyAddress);\n\n // Mint the initial reserve\n if(_initReserve > 0)\n {\n initReserve = _initReserve;\n _mint(beneficiary, initReserve);\n }\n\n initializeDomainSeparator();\n }\n\n /// @notice Used to initialize the domain separator used in meta-transactions\n /// @dev This is separate frominitializeto allow upgraded contracts to update the version\n /// There is no harm in calling this multiple times / no permissions required\n function initializeDomainSeparator() public\n {\n uint id;\n // solium-disable-next-line\n assembly\n {\n id := chainid()\n }\n DOMAIN_SEPARATOR = keccak256(\n abi.encode(\n keccak256(\\"EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)\\"),\n keccak256(bytes(name())),\n keccak256(bytes(version)),\n id,\n address(this)\n )\n );\n }\n\n function _updateConfig(\n address _whitelistAddress,\n address payable _beneficiary,\n address _control,\n address payable _feeCollector,\n uint _feeBasisPoints,\n uint _minInvestment,\n uint _minDuration\n ) internal\n {\n // This require(also confirms that initialize has been called.\n require(msg.sender == control, \\"CONTROL_ONLY\\");\n\n // address(0) is okay\n whitelist = IWhitelist(_whitelistAddress);\n\n require(_control != address(0), \\"INVALID_ADDRESS\\");\n control = _control;\n\n require(_feeCollector != address(0), \\"INVALID_ADDRESS\\");\n feeCollector = _feeCollector;\n\n require(_feeBasisPoints <= BASIS_POINTS_DEN, \\"INVALID_FEE\\");\n feeBasisPoints = _feeBasisPoints;\n\n require(_minInvestment > 0, \\"INVALID_MIN_INVESTMENT\\");\n minInvestment = _minInvestment;\n\n require(_minDuration >= minDuration, \\"MIN_DURATION_MAY_NOT_BE_REDUCED\\");\n minDuration = _minDuration;\n\n if(beneficiary != _beneficiary)\n {\n require(_beneficiary != address(0), \\"INVALID_ADDRESS\\");\n uint tokens = balanceOf(beneficiary);\n initInvestors[_beneficiary] = initInvestors[_beneficiary].add(initInvestors[beneficiary]);\n initInvestors[beneficiary] = 0;\n if(tokens > 0)\n {\n _transfer(beneficiary, _beneficiary, tokens);\n }\n beneficiary = _beneficiary;\n }\n }\n\n /\n Functions for our business logic\n /\n\n /// @notice Burn the amount of tokens from the address msg.sender if authorized.\n /// @dev Note that this is not the same as asellvia the DAT.\n function burn(\n uint _amount\n ) public\n {\n _burn(msg.sender, _amount, false);\n }\n\n /// @notice Burn the amount of tokens from the given address if approved.\n function burnFrom(\n address _from,\n uint _amount\n ) public\n {\n _approve(_from, msg.sender, allowance(_from, msg.sender).sub(_amount, \\"ERC20: burn amount exceeds allowance\\"));\n _burn(_from, _amount, false);\n }\n\n // Buy\n\n /// @dev Distributes _value currency between the buybackReserve, beneficiary, and feeCollector.\n function _distributeInvestment(uint _value) internal;\n\n /// @notice Calculate how many FAIR tokens you would buy with the given amount of currency ifbuywas called now.\n /// @param _currencyValue How much currency to spend in order to buy FAIR.\n function estimateBuyValue(\n uint _currencyValue\n ) public view\n returns (uint)\n {\n if(_currencyValue < minInvestment)\n {\n return 0;\n }\n\n /// Calculate the tokenValue for this investment\n uint tokenValue;\n if(state == STATE_INIT)\n {\n uint currencyValue = _currencyValue;\n uint _totalSupply = totalSupply();\n // (buy_slopeinit_goal)(init_goal+init_reserve-total_supply)\n // n/d: buy_slope (MAX_BEFORE_SQUARE / MAX_BEFORE_SQUARE)\n // g: init_goal (MAX_BEFORE_SQUARE)\n // t: total_supply (MAX_BEFORE_SQUARE)\n // r: init_reserve (MAX_BEFORE_SQUARE)\n // source: ((n/d)g)(g+r-t)\n // impl: (g n (g + r - t))/(d)\n uint max = BigDiv.bigDiv2x1(\n initGoal buySlopeNum,\n initGoal + initReserve - _totalSupply,\n buySlopeDen\n );\n if(currencyValue > max)\n {\n currencyValue = max;\n }\n // Math: worst case\n // MAX MAX_BEFORE_SQUARE\n // / MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE\n tokenValue = BigDiv.bigDiv2x1(\n currencyValue,\n buySlopeDen,\n initGoal buySlopeNum\n );\n\n if(currencyValue != _currencyValue)\n {\n currencyValue = _currencyValue - max;\n // ((2next_amount/buy_slope)+init_goal^2)^(1/2)-init_goal\n // a: next_amount | currencyValue\n // n/d: buy_slope (MAX_BEFORE_SQUARE / MAX_BEFORE_SQUARE)\n // g: init_goal (MAX_BEFORE_SQUARE/2)\n // r: init_reserve (MAX_BEFORE_SQUARE/2)\n // sqrt(((2a/(n/d))+g^2)-g\n // sqrt((2 d a + n g^2)/n) - g\n\n // currencyValue == 2 d a\n uint temp = 2 buySlopeDen;\n currencyValue = temp.mul(currencyValue);\n\n // temp == g^2\n temp = initGoal;\n temp = temp;\n\n // temp == n g^2\n temp = temp.mul(buySlopeNum);\n\n // temp == (2 d a) + n g^2\n temp = currencyValue.add(temp);\n\n // temp == (2 d a + n g^2)/n\n temp /= buySlopeNum;\n\n // temp == sqrt((2 d a + n g^2)/n)\n temp = temp.sqrt();\n\n // temp == sqrt((2 d a + n g^2)/n) - g\n temp -= initGoal;\n\n tokenValue = tokenValue.add(temp);\n }\n }\n else if(state == STATE_RUN)\n {\n // initReserve is reduced on sell as necessary to ensure that this line will not overflow\n uint supply = totalSupply() + burnedSupply - initReserve;\n // Math: worst case\n // MAX 2 MAX_BEFORE_SQUARE\n // / MAX_BEFORE_SQUARE\n tokenValue = BigDiv.bigDiv2x1(\n _currencyValue,\n 2 buySlopeDen,\n buySlopeNum\n );\n\n // Math: worst case MAX + (MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE)\n tokenValue = tokenValue.add(supply supply);\n tokenValue = tokenValue.sqrt();\n\n // Math: small chance of underflow due to possible rounding in sqrt\n tokenValue = tokenValue.sub(supply);\n }\n else\n {\n // invalid state\n return 0;\n }\n\n return tokenValue;\n }\n\n function _buy(\n address payable _from,\n address _to,\n uint _currencyValue,\n uint _minTokensBought\n ) internal\n {\n require(_to != address(0), \\"INVALID_ADDRESS\\");\n require(_minTokensBought > 0, \\"MUST_BUY_AT_LEAST_1\\");\n\n // Calculate the tokenValue for this investment\n uint tokenValue = estimateBuyValue(_currencyValue);\n require(tokenValue >= _minTokensBought, \\"PRICE_SLIPPAGE\\");\n\n emit Buy(_from, _to, _currencyValue, tokenValue);\n\n _collectInvestment(_from, _currencyValue, msg.value, false);\n\n // Update state, initInvestors, and distribute the investment when appropriate\n if(state == STATE_INIT)\n {\n // Math worst case: MAX_BEFORE_SQUARE\n initInvestors[_to] += tokenValue;\n // Math worst case:\n // MAX_BEFORE_SQUARE + MAX_BEFORE_SQUARE\n if(totalSupply() + tokenValue - initReserve >= initGoal)\n {\n emit StateChange(state, STATE_RUN);\n state = STATE_RUN;\n __startedOn = block.timestamp;\n\n // Math worst case:\n // MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE/2\n // / MAX_BEFORE_SQUARE\n uint beneficiaryContribution = BigDiv.bigDiv2x1(\n initInvestors[beneficiary],\n buySlopeNum initGoal,\n buySlopeDen\n );\n\n if(setupFee > 0)\n {\n _transferCurrency(setupFeeRecipient, setupFee);\n if(beneficiaryContribution > setupFee)\n {\n beneficiaryContribution -= setupFee;\n }\n else\n {\n beneficiaryContribution = 0;\n }\n }\n\n _distributeInvestment(buybackReserve().sub(beneficiaryContribution));\n }\n }\n else // implied: if(state == STATE_RUN)\n {\n if(_to != beneficiary)\n {\n _distributeInvestment(_currencyValue);\n }\n }\n\n _mint(_to, tokenValue);\n }\n\n /// @notice Purchase FAIR tokens with the given amount of currency.\n /// @param _to The account to receive the FAIR tokens from this purchase.\n /// @param _currencyValue How much currency to spend in order to buy FAIR.\n /// @param _minTokensBought Buy at least this many FAIR tokens or the transaction reverts.\n /// @dev _minTokensBought is necessary as the price will change if some elses transaction mines after\n /// yours was submitted.\n function buy(\n address _to,\n uint _currencyValue,\n uint _minTokensBought\n ) public payable\n {\n _buy(msg.sender, _to, _currencyValue, _minTokensBought);\n }\n\n /// @notice Allow users to sign a message authorizing a buy\n function permitBuy(\n address payable _from,\n address _to,\n uint _currencyValue,\n uint _minTokensBought,\n uint _deadline,\n uint8 _v,\n bytes32 _r,\n bytes32 _s\n ) external\n {\n require(_deadline >= block.timestamp, \\"EXPIRED\\");\n bytes32 digest = keccak256(abi.encode(PERMIT_BUY_TYPEHASH, _from, _to, _currencyValue, _minTokensBought, nonces[_from]++, _deadline));\n digest = keccak256(\n abi.encodePacked(\n \\"\\x19\\x01\\",\n DOMAIN_SEPARATOR,\n digest\n )\n );\n address recoveredAddress = ecrecover(digest, _v, _r, _s);\n require(recoveredAddress != address(0) && recoveredAddress == _from, \\"INVALID_SIGNATURE\\");\n _buy(_from, _to, _currencyValue, _minTokensBought);\n }\n\n /// Sell\n\n function estimateSellValue(\n uint _quantityToSell\n ) public view\n returns(uint)\n {\n uint reserve = buybackReserve();\n\n // Calculate currencyValue for this sale\n uint currencyValue;\n if(state == STATE_RUN)\n {\n uint supply = totalSupply() + burnedSupply;\n\n // buyback_reserve = r\n // total_supply = t\n // burnt_supply = b\n // amount = a\n // source: (t+b)a(2r)/((t+b)^2)-(((2r)/((t+b)^2)a^2)/2)+((2r)/((t+b)^2)ab^2)/(2(t))\n // imp: (a b^2 r)/(t (b + t)^2) + (2 a r)/(b + t) - (a^2 r)/(b + t)^2\n\n // Math: burnedSupply is capped in FAIR such that the square will never overflow\n // Math worst case:\n // MAX MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE/2 MAX_BEFORE_SQUARE/2\n // / MAX_BEFORE_SQUARE/2 MAX_BEFORE_SQUARE/2 MAX_BEFORE_SQUARE/2\n currencyValue = BigDiv.bigDiv2x2(\n _quantityToSell.mul(reserve),\n burnedSupply burnedSupply,\n totalSupply(), supply supply\n );\n // Math: worst case currencyValue is MAX_BEFORE_SQUARE (max reserve, 1 supply)\n\n // Math worst case:\n // MAX 2 MAX_BEFORE_SQUARE\n uint temp = _quantityToSell.mul(2 reserve);\n temp /= supply;\n // Math: worst-case temp is MAX_BEFORE_SQUARE (max reserve, 1 supply)\n\n // Math: considering the worst-case for currencyValue and temp, this can never overflow\n currencyValue += temp;\n\n // Math: worst case\n // MAX MAX MAX_BEFORE_SQUARE\n // / MAX_BEFORE_SQUARE/2 MAX_BEFORE_SQUARE/2\n temp = BigDiv.bigDiv2x1RoundUp(\n _quantityToSell.mul(_quantityToSell),\n reserve,\n supply supply\n );\n if(currencyValue > temp)\n {\n currencyValue -= temp;\n }\n else\n {\n currencyValue = 0;\n }\n }\n else if(state == STATE_CLOSE)\n {\n // Math worst case\n // MAX MAX_BEFORE_SQUARE\n currencyValue = _quantityToSell.mul(reserve);\n currencyValue /= totalSupply();\n }\n else\n {\n // STATE_INIT or STATE_CANCEL\n // Math worst case:\n // MAX * MAX_BEFORE_SQUARE\n currencyValue = _quantityToSell.mul(reserve);\n // Math: FAIR blocks initReserve from being burned unless we reach the RUN state which prevents an underflow\n currencyValue /= totalSupply() - initReserve;\n }\n\n return currencyValue;\n }\n\n function _sell(\n address _from,\n address payable _to,\n uint _quantityToSell,\n uint _minCurrencyReturned\n ) internal\n {\n require(_from != beneficiary || state >= STATE_CLOSE, \\"BENEFICIARY_ONLY_SELL_IN_CLOSE_OR_CANCEL\\");\n require(_minCurrencyReturned > 0, \\"MUST_SELL_AT_LEAST_1\\");\n\n uint currencyValue = estimateSellValue(_quantityToSell);\n require(currencyValue >= _minCurrencyReturned, \\"PRICE_SLIPPAGE\\");\n\n if(state == STATE_INIT || state == STATE_CANCEL)\n {\n initInvestors[_from] = initInvestors[_from].sub(_quantityToSell);\n }\n\n _burn(_from, _quantityToSell, true);\n uint supply = totalSupply() + burnedSupply;\n if(supply < initReserve)\n {\n initReserve = supply;\n }\n\n _transferCurrency(_to, currencyValue);\n emit Sell(_from, _to, currencyValue, _quantityToSell);\n }\n\n /// @notice Sell FAIR tokens for at least the given amount of currency.\n /// @param _to The account to receive the currency from this sale.\n /// @param _quantityToSell How many FAIR tokens to sell for currency value.\n /// @param _minCurrencyReturned Get at least this many currency tokens or the transaction reverts.\n /// @dev _minCurrencyReturned is necessary as the price will change if some elses transaction mines after\n /// yours was submitted.\n function sell(\n address payable _to,\n uint _quantityToSell,\n uint _minCurrencyReturned\n ) public\n {\n _sell(msg.sender, _to, _quantityToSell, _minCurrencyReturned);\n }\n\n /// @notice Allow users to sign a message authorizing a sell\n function permitSell(\n address _from,\n address payable _to,\n uint _quantityToSell,\n uint _minCurrencyReturned,\n uint _deadline,\n uint8 _v,\n bytes32 _r,\n bytes32 _s\n ) external\n {\n require(_deadline >= block.timestamp, \\"EXPIRED\\");\n bytes32 digest = keccak256(abi.encode(PERMIT_SELL_TYPEHASH, _from, _to, _quantityToSell, _minCurrencyReturned, nonces[_from]++, _deadline));\n digest = keccak256(\n abi.encodePacked(\n \\"\\x19\\x01\\",\n DOMAIN_SEPARATOR,\n digest\n )\n );\n address recoveredAddress = ecrecover(digest, _v, _r, _s);\n require(recoveredAddress != address(0) && recoveredAddress == _from, \\"INVALID_SIGNATURE\\");\n _sell(_from, _to, _quantityToSell, _minCurrencyReturned);\n }\n\n /// Close\n\n /// @notice Called by the beneficiary account to STATE_CLOSE or STATE_CANCEL the c-org,\n /// preventing any more tokens from being minted.\n /// @dev Requires anexitFeeto be paid. If the currency is ETH, include a little more than\n /// what appears to be required and any remainder will be returned to your account. This is\n /// because another user may have a transaction mined which changes the exitFee required.\n /// For othercurrencytypes, the beneficiary account will be billed the exact amount required.\n function _close() internal\n {\n require(msg.sender == beneficiary, \\"BENEFICIARY_ONLY\\");\n\n if(state == STATE_INIT)\n {\n // Allow the org to cancel anytime if the initGoal was not reached.\n emit StateChange(state, STATE_CANCEL);\n state = STATE_CANCEL;\n }\n else if(state == STATE_RUN)\n {\n // Collect the exitFee and close the c-org.\n require(MAX_UINT - minDuration > startedOn, \\"MAY_NOT_CLOSE\\");\n require(minDuration + startedOn <= block.timestamp, \\"TOO_EARLY\\");\n\n emit StateChange(state, STATE_CLOSE);\n state = STATE_CLOSE;\n }\n else\n {\n revert(\\"INVALID_STATE\\");\n }\n }\n\n // --- Approve by signature ---\n // EIP-2612\n // Original source: https://github.com/Uniswap/uniswap-v2-core/blob/master/contracts/UniswapV2ERC20.sol\\n function permit(\n address owner,\n address spender,\n uint value,\n uint deadline,\n uint8 v,\n bytes32 r,\n bytes32 s\n ) external\n {\n require(deadline >= block.timestamp, \\"EXPIRED\\");\n bytes32 digest = keccak256(abi.encode(PERMIT_TYPEHASH, owner, spender, value, nonces[owner]++, deadline));\n digest = keccak256(\n abi.encodePacked(\n \\"\\x19\\x01\\",\n DOMAIN_SEPARATOR,\n digest\n )\n );\n address recoveredAddress = ecrecover(digest, v, r, s);\n require(recoveredAddress != address(0) && recoveredAddress == owner, \\"INVALID_SIGNATURE\\");\n _approve(owner, spender, value);\n }\n\n uint256[50] private gap;\n}\n\"},\"@openzeppelin/upgrades/contracts/Initializable.sol\":{\"content\":\"pragma solidity >=0.4.24 <0.7.0;\n\n\n/\n @title Initializable\n \n @dev Helper contract to support initializer functions. To use it, replace\n the constructor with a function that has theinitializermodifier.\n WARNING: Unlike constructors, initializer functions must be manually\n invoked. This applies both to deploying an Initializable contract, as well\n as extending an Initializable contract via inheritance.\n WARNING: When used with inheritance, manual care must be taken to not invoke\n a parent initializer twice, or ensure that all initializers are idempotent,\n because this is not dealt with automatically as with constructors.\n */\ncontract Initializable {\n\n /\n @dev Indicates that the contract has been initialized.\n /\n bool private initialized;\n\n /\n @dev Indicates that the contract is in the process of being initialized.\n /\n bool private initializing;\n\n /\n @dev Modifier to use in the initializer function of a contract.\n /\n modifier initializer() {\n require(initializing || isConstructor() || !initialized, \\"Contract instance has already been initialized\\");\n\n bool isTopLevelCall = !initializing;\n if (isTopLevelCall) {\n initializing = true;\n initialized = true;\n }\n\n _;\n\n if (isTopLevelCall) {\n initializing = false;\n }\n }\n\n /// @dev Returns true if and only if the function is running in the constructor\n function isConstructor() private view returns (bool) {\n // extcodesize checks the size of the code stored in an address, and\n // address returns the current address. Since the code is still not\n // deployed when running a constructor, any checks on its code size will\n // yield zero, making it an effective way to detect if a contract is\n // under construction or not.\n address self = address(this);\n uint256 cs;\n assembly { cs := extcodesize(self) }\n return cs == 0;\n }\n\n // Reserved storage space to allow for layout changes in the future.\n uint256[50] private __gap;\n}\n\"},\"@openzeppelin/contracts-ethereum-package/contracts/utils/Address.sol\":{\"content\":\"pragma solidity ^0.5.5;\n\n/\n @dev Collection of functions related to the address type\n /\nlibrary Address {\n /\n @dev Returns true ifaccountis a contract.\n \n [IMPORTANT]\n ====\n It is unsafe to assume that an address for which this function returns\n false is an externally-owned account (EOA) and not a contract.\n \n Among others,isContractwill return false for the following \n types of addresses:\n \n - an externally-owned account\n - a contract in construction\n - an address where a contract will be created\n - an address where a contract lived, but was destroyed\n ====\n /\n function isContract(address account) internal view returns (bool) {\n // According to EIP-1052, 0x0 is the value returned for not-yet created accounts\n // and 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470 is returned\n // for accounts without code, i.e.keccak256('')\n bytes32 codehash;\n bytes32 accountHash = 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470;\n // solhint-disable-next-line no-inline-assembly\n assembly { codehash := extcodehash(account) }\n return (codehash != accountHash && codehash != 0x0);\n }\n\n /\n @dev Converts anaddressintoaddress payable. Note that this is\n simply a type cast: the actual underlying value is not changed.\n \n Available since v2.4.0.\n */\n function toPayable(address account) internal pure returns (address payable) {\n return address(uint160(account));\n }\n\n /\n @dev Replacement for Solidity'stransfer: sendsamountwei to\nrecipient, forwarding all available gas and reverting on errors.\n \n https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost\n of certain opcodes, possibly making contracts go over the 2300 gas limit\n imposed bytransfer, making them unable to receive funds via\ntransfer. {sendValue} removes this limitation.\n \n https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].\n \n IMPORTANT: because control is transferred torecipient, care must be\n taken to not create reentrancy vulnerabilities. Consider using\n {ReentrancyGuard} or the\n https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].\n \n Available since v2.4.0.\n */\n function sendValue(address payable recipient, uint256 amount) internal {\n require(address(this).balance >= amount, \\"Address: insufficient balance\\");\n\n // solhint-disable-next-line avoid-call-value\n (bool success, ) = recipient.call.value(amount)(\\"\\");\n require(success, \\"Address: unable to send value, recipient may have reverted\\");\n }\n}\n\"},\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/SafeERC20.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\nimport \\"./IERC20.sol\\";\nimport \\"../../math/SafeMath.sol\\";\nimport \\"../../utils/Address.sol\\";\n\n/\n @title SafeERC20\n @dev Wrappers around ERC20 operations that throw on failure (when the token\n contract returns false). Tokens that return no value (and instead revert or\n throw on failure) are also supported, non-reverting calls are assumed to be\n successful.\n To use this library you can add ausing SafeERC20 for ERC20;statement to your contract,\n which allows you to call the safe operations astoken.safeTransfer(...), etc.\n /\nlibrary SafeERC20 {\n using SafeMath for uint256;\n using Address for address;\n\n function safeTransfer(IERC20 token, address to, uint256 value) internal {\n callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));\n }\n\n function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {\n callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));\n }\n\n function safeApprove(IERC20 token, address spender, uint256 value) internal {\n // safeApprove should only be called when setting an initial allowance,\n // or when resetting it to zero. To increase and decrease it, use\n // 'safeIncreaseAllowance' and 'safeDecreaseAllowance'\n // solhint-disable-next-line max-line-length\n require((value == 0) || (token.allowance(address(this), spender) == 0),\n \\"SafeERC20: approve from non-zero to non-zero allowance\\"\n );\n callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));\n }\n\n function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {\n uint256 newAllowance = token.allowance(address(this), spender).add(value);\n callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));\n }\n\n function safeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal {\n uint256 newAllowance = token.allowance(address(this), spender).sub(value, \\"SafeERC20: decreased allowance below zero\\");\n callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));\n }\n\n /\n @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement\n on the return value: the return value is optional (but if data is returned, it must not be false).\n @param token The token targeted by the call.\n @param data The call data (encoded using abi.encode or one of its variants).\n */\n function callOptionalReturn(IERC20 token, bytes memory data) private {\n // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since\n // we're implementing it ourselves.\n\n // A Solidity high level call has three parts:\n // 1. The target address is checked to verify it contains contract code\n // 2. The call itself is made, and success asserted\n // 3. The return value is decoded, which in turn checks the size of the returned data.\n // solhint-disable-next-line max-line-length\n require(address(token).isContract(), \\"SafeERC20: call to non-contract\\");\n\n // solhint-disable-next-line avoid-low-level-calls\n (bool success, bytes memory returndata) = address(token).call(data);\n require(success, \\"SafeERC20: low-level call failed\\");\n\n if (returndata.length > 0) { // Return data is optional\n // solhint-disable-next-line max-line-length\n require(abi.decode(returndata, (bool)), \\"SafeERC20: ERC20 operation did not succeed\\");\n }\n }\n}\n\"},\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/IERC20.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\n/\n @dev Interface of the ERC20 standard as defined in the EIP. Does not include\n the optional functions; to access them see {ERC20Detailed}.\n */\ninterface IERC20 {\n /\n @dev Returns the amount of tokens in existence.\n /\n function totalSupply() external view returns (uint256);\n\n /\n @dev Returns the amount of tokens owned byaccount.\n /\n function balanceOf(address account) external view returns (uint256);\n\n /\n @dev Movesamounttokens from the caller's account torecipient.\n \n Returns a boolean value indicating whether the operation succeeded.\n \n Emits a {Transfer} event.\n /\n function transfer(address recipient, uint256 amount) external returns (bool);\n\n /\n @dev Returns the remaining number of tokens thatspenderwill be\n allowed to spend on behalf ofownerthrough {transferFrom}. This is\n zero by default.\n \n This value changes when {approve} or {transferFrom} are called.\n /\n function allowance(address owner, address spender) external view returns (uint256);\n\n /*\n @dev Setsamountas the allowance ofspenderover the caller's tokens.\n \n Returns a boolean value indicating whether the operation succeeded.\n \n IMPORTANT: Beware that changing an allowance with this method brings the risk\n that someone may use both the old and the new allowance by unfortunate\n transaction ordering. One possible solution to mitigate this race\n condition is to first reduce the spender's allowance to 0 and set the\n desired value afterwards:\n https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729\\n \n Emits an {Approval} event.\n /\n function approve(address spender, uint256 amount) external returns (bool);\n\n /\n @dev Movesamounttokens fromsendertorecipientusing the\n allowance mechanism.amountis then deducted from the caller's\n allowance.\n \n Returns a boolean value indicating whether the operation succeeded.\n \n Emits a {Transfer} event.\n /\n function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);\n\n /\n @dev Emitted whenvaluetokens are moved from one account (from) to\n another (to).\n \n Note thatvaluemay be zero.\n */\n event Transfer(address indexed from, address indexed to, uint256 value);\n\n /*\n @dev Emitted when the allowance of aspenderfor anowneris set by\n a call to {approve}.valueis the new allowance.\n /\n event Approval(address indexed owner, address indexed spender, uint256 value);\n}\n\"},\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/ERC20Detailed.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\nimport \\"@openzeppelin/upgrades/contracts/Initializable.sol\\";\nimport \\"./IERC20.sol\\";\n\n/\n @dev Optional functions from the ERC20 standard.\n /\ncontract ERC20Detailed is Initializable, IERC20 {\n string private _name;\n string private _symbol;\n uint8 private _decimals;\n\n /\n @dev Sets the values forname,symbol, anddecimals. All three of\n these values are immutable: they can only be set once during\n construction.\n /\n function initialize(string memory name, string memory symbol, uint8 decimals) public initializer {\n _name = name;\n _symbol = symbol;\n _decimals = decimals;\n }\n\n /\n @dev Returns the name of the token.\n /\n function name() public view returns (string memory) {\n return _name;\n }\n\n /\n @dev Returns the symbol of the token, usually a shorter version of the\n name.\n */\n function symbol() public view returns (string memory) {\n return _symbol;\n }\n\n /*\n @dev Returns the number of decimals used to get its user representation.\n For example, ifdecimalsequals2, a balance of505tokens should\n be displayed to a user as5,05(`505 / 10 2`).\n \n Tokens usually opt for a value of 18, imitating the relationship between\n Ether and Wei.\n \n NOTE: This information is only used for display purposes: it in\n no way affects any of the arithmetic of the contract, including\n {IERC20-balanceOf} and {IERC20-transfer}.\n /\n function decimals() public view returns (uint8) {\n return _decimals;\n }\n\n uint256[50] private ____gap;\n}\n\"},\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/ERC20.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\nimport \\"@openzeppelin/upgrades/contracts/Initializable.sol\\";\n\nimport \\"../../GSN/Context.sol\\";\nimport \\"./IERC20.sol\\";\nimport \\"../../math/SafeMath.sol\\";\n\n/\n @dev Implementation of the {IERC20} interface.\n \n This implementation is agnostic to the way tokens are created. This means\n that a supply mechanism has to be added in a derived contract using {_mint}.\n For a generic mechanism see {ERC20Mintable}.\n \n TIP: For a detailed writeup see our guide\n https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How\\n to implement supply mechanisms].\n \n We have followed general OpenZeppelin guidelines: functions revert instead\n of returningfalseon failure. This behavior is nonetheless conventional\n and does not conflict with the expectations of ERC20 applications.\n \n Additionally, an {Approval} event is emitted on calls to {transferFrom}.\n This allows applications to reconstruct the allowance for all accounts just\n by listening to said events. Other implementations of the EIP may not emit\n these events, as it isn't required by the specification.\n \n Finally, the non-standard {decreaseAllowance} and {increaseAllowance}\n functions have been added to mitigate the well-known issues around setting\n allowances. See {IERC20-approve}.\n */\ncontract ERC20 is Initializable, Context, IERC20 {\n using SafeMath for uint256;\n\n mapping (address => uint256) private _balances;\n\n mapping (address => mapping (address => uint256)) private _allowances;\n\n uint256 private _totalSupply;\n\n /\n @dev See {IERC20-totalSupply}.\n /\n function totalSupply() public view returns (uint256) {\n return _totalSupply;\n }\n\n /\n @dev See {IERC20-balanceOf}.\n /\n function balanceOf(address account) public view returns (uint256) {\n return _balances[account];\n }\n\n /*\n @dev See {IERC20-transfer}.\n \n Requirements:\n \n -recipientcannot be the zero address.\n - the caller must have a balance of at leastamount.\n /\n function transfer(address recipient, uint256 amount) public returns (bool) {\n _transfer(_msgSender(), recipient, amount);\n return true;\n }\n\n /\n @dev See {IERC20-allowance}.\n /\n function allowance(address owner, address spender) public view returns (uint256) {\n return _allowances[owner][spender];\n }\n\n /\n @dev See {IERC20-approve}.\n \n Requirements:\n \n -spendercannot be the zero address.\n /\n function approve(address spender, uint256 amount) public returns (bool) {\n _approve(_msgSender(), spender, amount);\n return true;\n }\n\n /\n @dev See {IERC20-transferFrom}.\n \n Emits an {Approval} event indicating the updated allowance. This is not\n required by the EIP. See the note at the beginning of {ERC20};\n \n Requirements:\n -senderandrecipientcannot be the zero address.\n -sendermust have a balance of at leastamount.\n - the caller must have allowance forsender's tokens of at least\namount.\n */\n function transferFrom(address sender, address recipient, uint256 amount) public returns (bool) {\n _transfer(sender, recipient, amount);\n _approve(sender, _msgSender(), _allowances[sender][_msgSender()].sub(amount, \\"ERC20: transfer amount exceeds allowance\\"));\n return true;\n }\n\n /\n @dev Atomically increases the allowance granted tospenderby the caller.\n \n This is an alternative to {approve} that can be used as a mitigation for\n problems described in {IERC20-approve}.\n \n Emits an {Approval} event indicating the updated allowance.\n \n Requirements:\n \n -spendercannot be the zero address.\n */\n function increaseAllowance(address spender, uint256 addedValue) public returns (bool) {\n _approve(_msgSender(), spender, _allowances[_msgSender()][spender].add(addedValue));\n return true;\n }\n\n /*\n @dev Atomically decreases the allowance granted tospenderby the caller.\n \n This is an alternative to {approve} that can be used as a mitigation for\n problems described in {IERC20-approve}.\n \n Emits an {Approval} event indicating the updated allowance.\n \n Requirements:\n \n -spendercannot be the zero address.\n -spendermust have allowance for the caller of at least\nsubtractedValue.\n /\n function decreaseAllowance(address spender, uint256 subtractedValue) public returns (bool) {\n _approve(_msgSender(), spender, _allowances[_msgSender()][spender].sub(subtractedValue, \\"ERC20: decreased allowance below zero\\"));\n return true;\n }\n\n /\n @dev Moves tokensamountfromsendertorecipient.\n \n This is internal function is equivalent to {transfer}, and can be used to\n e.g. implement automatic token fees, slashing mechanisms, etc.\n \n Emits a {Transfer} event.\n \n Requirements:\n \n -sendercannot be the zero address.\n -recipientcannot be the zero address.\n -sendermust have a balance of at leastamount.\n */\n function _transfer(address sender, address recipient, uint256 amount) internal {\n require(sender != address(0), \\"ERC20: transfer from the zero address\\");\n require(recipient != address(0), \\"ERC20: transfer to the zero address\\");\n\n _balances[sender] = _balances[sender].sub(amount, \\"ERC20: transfer amount exceeds balance\\");\n _balances[recipient] = _balances[recipient].add(amount);\n emit Transfer(sender, recipient, amount);\n }\n\n / @dev Createsamounttokens and assigns them toaccount, increasing\n the total supply.\n \n Emits a {Transfer} event withfromset to the zero address.\n \n Requirements\n \n -tocannot be the zero address.\n /\n function _mint(address account, uint256 amount) internal {\n require(account != address(0), \\"ERC20: mint to the zero address\\");\n\n _totalSupply = _totalSupply.add(amount);\n _balances[account] = _balances[account].add(amount);\n emit Transfer(address(0), account, amount);\n }\n\n /\n @dev Destroysamounttokens fromaccount, reducing the\n total supply.\n \n Emits a {Transfer} event withtoset to the zero address.\n \n Requirements\n \n -accountcannot be the zero address.\n -accountmust have at leastamounttokens.\n /\n function _burn(address account, uint256 amount) internal {\n require(account != address(0), \\"ERC20: burn from the zero address\\");\n\n _balances[account] = _balances[account].sub(amount, \\"ERC20: burn amount exceeds balance\\");\n _totalSupply = _totalSupply.sub(amount);\n emit Transfer(account, address(0), amount);\n }\n\n /\n @dev Setsamountas the allowance ofspenderover theowners tokens.\n \n This is internal function is equivalent toapprove, and can be used to\n e.g. set automatic allowances for certain subsystems, etc.\n \n Emits an {Approval} event.\n \n Requirements:\n \n -ownercannot be the zero address.\n -spendercannot be the zero address.\n /\n function _approve(address owner, address spender, uint256 amount) internal {\n require(owner != address(0), \\"ERC20: approve from the zero address\\");\n require(spender != address(0), \\"ERC20: approve to the zero address\\");\n\n _allowances[owner][spender] = amount;\n emit Approval(owner, spender, amount);\n }\n\n /\n @dev Destroysamounttokens fromaccount.amountis then deducted\n from the caller's allowance.\n \n See {_burn} and {_approve}.\n */\n function _burnFrom(address account, uint256 amount) internal {\n _burn(account, amount);\n _approve(account, _msgSender(), _allowances[account][_msgSender()].sub(amount, \\"ERC20: burn amount exceeds allowance\\"));\n }\n\n uint256[50] private __gap;\n}\n\"},\"@openzeppelin/contracts-ethereum-package/contracts/math/SafeMath.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\n/\n @dev Wrappers over Solidity's arithmetic operations with added overflow\n checks.\n \n Arithmetic operations in Solidity wrap on overflow. This can easily result\n in bugs, because programmers usually assume that an overflow raises an\n error, which is the standard behavior in high level programming languages.\nSafeMathrestores this intuition by reverting the transaction when an\n operation overflows.\n \n Using this library instead of the unchecked operations eliminates an entire\n class of bugs, so it's recommended to use it always.\n /\nlibrary SafeMath {\n /\n @dev Returns the addition of two unsigned integers, reverting on\n overflow.\n \n Counterpart to Solidity's+operator.\n \n Requirements:\n - Addition cannot overflow.\n /\n function add(uint256 a, uint256 b) internal pure returns (uint256) {\n uint256 c = a + b;\n require(c >= a, \\"SafeMath: addition overflow\\");\n\n return c;\n }\n\n /\n @dev Returns the subtraction of two unsigned integers, reverting on\n overflow (when the result is negative).\n \n Counterpart to Solidity's-operator.\n \n Requirements:\n - Subtraction cannot overflow.\n /\n function sub(uint256 a, uint256 b) internal pure returns (uint256) {\n return sub(a, b, \\"SafeMath: subtraction overflow\\");\n }\n\n /\n @dev Returns the subtraction of two unsigned integers, reverting with custom message on\n overflow (when the result is negative).\n \n Counterpart to Solidity's-operator.\n \n Requirements:\n - Subtraction cannot overflow.\n \n Available since v2.4.0.\n /\n function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {\n require(b <= a, errorMessage);\n uint256 c = a - b;\n\n return c;\n }\n\n /\n @dev Returns the multiplication of two unsigned integers, reverting on\n overflow.\n \n Counterpart to Solidity's*operator.\n \n Requirements:\n - Multiplication cannot overflow.\n /\n function mul(uint256 a, uint256 b) internal pure returns (uint256) {\n // Gas optimization: this is cheaper than requiring 'a' not being zero, but the\n // benefit is lost if 'b' is also tested.\n // See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522\\n if (a == 0) {\n return 0;\n }\n\n uint256 c = a * b;\n require(c / a == b, \\"SafeMath: multiplication overflow\\");\n\n return c;\n }\n\n /\n @dev Returns the integer division of two unsigned integers. Reverts on\n division by zero. The result is rounded towards zero.\n \n Counterpart to Solidity's/operator. Note: this function uses a\nrevertopcode (which leaves remaining gas untouched) while Solidity\n uses an invalid opcode to revert (consuming all remaining gas).\n \n Requirements:\n - The divisor cannot be zero.\n /\n function div(uint256 a, uint256 b) internal pure returns (uint256) {\n return div(a, b, \\"SafeMath: division by zero\\");\n }\n\n /*\n @dev Returns the integer division of two unsigned integers. Reverts with custom message on\n division by zero. The result is rounded towards zero.\n \n Counterpart to Solidity's/operator. Note: this function uses a\nrevertopcode (which leaves remaining gas untouched) while Solidity\n uses an invalid opcode to revert (consuming all remaining gas).\n \n Requirements:\n - The divisor cannot be zero.\n \n Available since v2.4.0.\n /\n function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {\n // Solidity only automatically asserts when dividing by 0\n require(b > 0, errorMessage);\n uint256 c = a / b;\n // assert(a == b c + a % b); // There is no case in which this doesn't hold\n\n return c;\n }\n\n /\n @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),\n Reverts when dividing by zero.\n \n Counterpart to Solidity's%operator. This function uses arevert\n opcode (which leaves remaining gas untouched) while Solidity uses an\n invalid opcode to revert (consuming all remaining gas).\n \n Requirements:\n - The divisor cannot be zero.\n /\n function mod(uint256 a, uint256 b) internal pure returns (uint256) {\n return mod(a, b, \\"SafeMath: modulo by zero\\");\n }\n\n /\n @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),\n Reverts with custom message when dividing by zero.\n \n Counterpart to Solidity's%operator. This function uses arevert\n opcode (which leaves remaining gas untouched) while Solidity uses an\n invalid opcode to revert (consuming all remaining gas).\n \n Requirements:\n - The divisor cannot be zero.\n \n Available since v2.4.0.\n /\n function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {\n require(b != 0, errorMessage);\n return a % b;\n }\n}\n\"},\"@openzeppelin/contracts-ethereum-package/contracts/GSN/Context.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\nimport \\"@openzeppelin/upgrades/contracts/Initializable.sol\\";\n\n/\n @dev Provides information about the current execution context, including the\n sender of the transaction and its data. While these are generally available\n via msg.sender and msg.data, they should not be accessed in such a direct\n manner, since when dealing with GSN meta-transactions the account sending and\n paying for execution may not be the actual sender (as far as an application\n is concerned).\n \n This contract is only required for intermediate, library-like contracts.\n /\ncontract Context is Initializable {\n // Empty internal constructor, to prevent people from mistakenly deploying\n // an instance of this contract, which should be used via inheritance.\n constructor () internal { }\n // solhint-disable-previous-line no-empty-blocks\n\n function _msgSender() internal view returns (address payable) {\n return msg.sender;\n }\n\n function _msgData() internal view returns (bytes memory) {\n this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691\\n return msg.data;\n }\n}\n\"}},\"settings\":{\"remappings\":[],\"optimizer\":{\"enabled\":true,\"runs\":200},\"evmVersion\":\"istanbul\",\"libraries\":{}}}", "codeformat": "solidity-standard-json-input", "contractname": "/contracts/DecentralizedAutonomousTrust.sol:DecentralizedAutonomousTrust", "compilerversion": "v0.5.17+commit.d19bba13", "constructorArguements": "" } Checking status of verification request gzjk3se7lr4rx1pseckikyqzwdcckmqwk8fhv2dcesggwdaaq7 Fail - Unable to verify Failed to verify 1 contract(s): DecentralizedAutonomousTrust@0xfa1B723C90927650b142a2c4a12644321C168d03 ➜ fairmint-c-org git:(master) ✗ truffle migrate --network ropstenCompiling your contracts...
Network up to date. ➜ fairmint-c-org git:(master) ✗ truffle migrate --network ropsten
Compiling your contracts...
Network up to date. ➜ fairmint-c-org git:(master) ✗ truffle run verify DecentralizedAutonomousTrust@0xfa1B723C90927650b142a2c4a12644321C168d03 --network ropsten --debug DEBUG logging is turned ON Running truffle-plugin-verify v0.5.18 Retrieving network's chain ID Verifying DecentralizedAutonomousTrust@0xfa1B723C90927650b142a2c4a12644321C168d03 Reading artifact file at /Users/vilasmalhotra/Desktop/fairmint-c-org/build/contracts/DecentralizedAutonomousTrust.json Custom address 0xfa1B723C90927650b142a2c4a12644321C168d03 specified Retrieving constructor parameters from https://api-ropsten.etherscan.io/api?apiKey=WNDWXXAEHAVW4YC7GFZ3FI66WGWQIIZXZT&module=account&action=txlist&address=0xfa1B723C90927650b142a2c4a12644321C168d03&page=1&sort=asc&offset=1 Constructor parameters retrieved: 0x Sending verify request with POST arguments: { "apikey": "WNDWXXAEHAVW4YC7GFZ3FI66WGWQIIZXZT", "module": "contract", "action": "verifysourcecode", "contractaddress": "0xfa1B723C90927650b142a2c4a12644321C168d03", "sourceCode": "{\"language\":\"Solidity\",\"sources\":{\"/contracts/DecentralizedAutonomousTrust.sol\":{\"content\":\"pragma solidity 0.5.17;\n\nimport \\"./ContinuousOffering.sol\\";\n\n/\n @title Decentralized Autonomous Trust\n This contract is the reference implementation provided by Fairmint for a\n Decentralized Autonomous Trust as described in the continuous\n organization whitepaper (https://github.com/c-org/whitepaper) and\n specified here: https://github.com/fairmint/c-org/wiki. Use at your own\n risk. If you have question or if you're looking for a ready-to-use\n solution using this contract, you might be interested in Fairmint's\n offering. Do not hesitate to get in touch with us: https://fairmint.co\\n /\ncontract DecentralizedAutonomousTrust is ContinuousOffering {\n event Close(uint _exitFee);\n event Pay(address indexed _from, uint _currencyValue);\n event UpdateConfig(\n address _whitelistAddress,\n address indexed _beneficiary,\n address indexed _control,\n address indexed _feeCollector,\n uint _revenueCommitmentBasisPoints,\n uint _feeBasisPoints,\n uint _minInvestment,\n uint _minDuration\n );\n\n /// @notice The revenue commitment of the organization. Defines the percentage of the value paid through the contract\n /// that is automatically funneled and held into the buyback_reserve expressed in basis points.\n /// Internal since this is n/a to all derivative contracts.\n function revenueCommitmentBasisPoints() public view returns (uint) {\n return __revenueCommitmentBasisPoints;\n }\n\n /// @notice The investment reserve of the c-org. Defines the percentage of the value invested that is\n /// automatically funneled and held into the buyback_reserve expressed in basis points.\n /// Internal since this is n/a to all derivative contracts.\n function investmentReserveBasisPoints() public view returns (uint) {\n return investmentReserveBasisPoints;\n }\n\n /// @notice Initialized at
0and updated when the contract switches frominitstate torunstate\n /// with the current timestamp.\n function runStartedOn() public view returns (uint) {\n return startedOn;\n }\n\n function initialize(\n uint _initReserve,\n address _currencyAddress,\n uint _initGoal,\n uint _buySlopeNum,\n uint _buySlopeDen,\n uint _investmentReserveBasisPoints,\n uint _setupFee,\n address payable _setupFeeRecipient,\n string memory _name,\n string memory _symbol\n ) public\n {\n // _initialize will enforce this is only called once\n super._initialize(\n _initReserve,\n _currencyAddress,\n _initGoal,\n _buySlopeNum,\n _buySlopeDen,\n _setupFee,\n _setupFeeRecipient,\n _name,\n _symbol\n );\n\n // Set initGoal, which in turn defines the initial state\n if(_initGoal == 0)\n {\n emit StateChange(state, STATE_RUN);\n state = STATE_RUN;\n startedOn = block.timestamp;\n }\n else\n {\n // Math: If this value got too large, the DAT would overflow on sell\n require(_initGoal < MAX_SUPPLY, \\"EXCESSIVE_GOAL\\");\n initGoal = _initGoal;\n }\n\n // 100% or less\n require(_investmentReserveBasisPoints <= BASIS_POINTS_DEN, \\"INVALID_RESERVE\\");\n investmentReserveBasisPoints = _investmentReserveBasisPoints;\n }\n\n /// Close\n\n function estimateExitFee(uint _msgValue) public view returns (uint) {\n uint exitFee;\n\n if (state == STATE_RUN) {\n uint reserve = buybackReserve();\n reserve = reserve.sub(_msgValue);\n\n // Source: t(t+b)(n/d)-r\n // Implementation: (b n t)/d + (n t^2)/d - r\n\n uint _totalSupply = totalSupply();\n\n // Math worst case:\n // MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE/2 MAX_BEFORE_SQUARE\n exitFee = BigDiv.bigDiv2x1(\n _totalSupply,\n burnedSupply buySlopeNum,\n buySlopeDen\n );\n // Math worst case:\n // MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE\n exitFee += BigDiv.bigDiv2x1(\n _totalSupply,\n buySlopeNum * _totalSupply,\n buySlopeDen\n );\n // Math: this if condition avoids a potential overflow\n if (exitFee <= reserve) {\n exitFee = 0;\n } else {\n exitFee -= reserve;\n }\n }\n\n return exitFee;\n }\n\n /// @notice Called by the beneficiary account to STATE_CLOSE or STATE_CANCEL the c-org,\n /// preventing any more tokens from being minted.\n /// @dev Requires anexitFeeto be paid. If the currency is ETH, include a little more than\n /// what appears to be required and any remainder will be returned to your account. This is\n /// because another user may have a transaction mined which changes the exitFee required.\n /// For othercurrencytypes, the beneficiary account will be billed the exact amount required.\n function close() public payable {\n uint exitFee = 0;\n\n if (state == STATE_RUN) {\n exitFee = estimateExitFee(msg.value);\n _collectInvestment(msg.sender, exitFee, msg.value, true);\n }\n\n super._close();\n emit Close(exitFee);\n }\n\n /// Pay\n\n /// @dev Pay the organization on-chain.\n /// @param _currencyValue How much currency which was paid.\n function pay(uint _currencyValue) public payable {\n _collectInvestment(msg.sender, _currencyValue, msg.value, false);\n require(state == STATE_RUN, \\"INVALID_STATE\\");\n require(_currencyValue > 0, \\"MISSING_CURRENCY\\");\n\n // Send a portion of the funds to the beneficiary, the rest is added to the buybackReserve\n // Math: if _currencyValue is < (2^256 - 1) / 10000 this will not overflow\n uint reserve = _currencyValue.mul(revenueCommitmentBasisPoints);\n reserve /= BASIS_POINTS_DEN;\n\n // Math: this will never underflow since revenueCommitmentBasisPoints is capped to BASIS_POINTS_DEN\n _transferCurrency(beneficiary, _currencyValue - reserve);\n\n emit Pay(msg.sender, _currencyValue);\n }\n\n /// @notice Pay the organization on-chain without minting any tokens.\n /// @dev This allows you to add funds directly to the buybackReserve.\n function() external payable {\n require(address(currency) == address(0), \\"ONLY_FOR_CURRENCY_ETH\\");\n }\n\n function updateConfig(\n address _whitelistAddress,\n address payable _beneficiary,\n address _control,\n address payable _feeCollector,\n uint _feeBasisPoints,\n uint _revenueCommitmentBasisPoints,\n uint _minInvestment,\n uint _minDuration\n ) public {\n _updateConfig(\n _whitelistAddress,\n _beneficiary,\n _control,\n _feeCollector,\n _feeBasisPoints,\n _minInvestment,\n _minDuration\n );\n\n require(\n _revenueCommitmentBasisPoints <= BASIS_POINTS_DEN,\n \\"INVALID_COMMITMENT\\"\n );\n require(\n _revenueCommitmentBasisPoints >= revenueCommitmentBasisPoints,\n \\"COMMITMENT_MAY_NOT_BE_REDUCED\\"\n );\n revenueCommitmentBasisPoints = _revenueCommitmentBasisPoints;\n\n emit UpdateConfig(\n _whitelistAddress,\n _beneficiary,\n _control,\n _feeCollector,\n _revenueCommitmentBasisPoints,\n _feeBasisPoints,\n _minInvestment,\n _minDuration\n );\n }\n\n /// @notice A temporary function to setrunStartedOn, to be used by contracts which were\n /// already deployed before this feature was introduced.\n /// @dev This function will be removed once known users have called the function.\n function initializeRunStartedOn(\n uint _runStartedOn\n ) external\n {\n require(msg.sender == control, \\"CONTROL_ONLY\\");\n require(state == STATE_RUN, \\"ONLY_CALL_IN_RUN\\");\n require(startedOn == 0, \\"ONLY_CALL_IF_NOT_AUTO_SET\\");\n require(_runStartedOn <= block.timestamp, \\"DATE_MUST_BE_IN_PAST\\");\n\n startedOn = _runStartedOn;\n }\n\n /// @dev Distributes _value currency between the buybackReserve, beneficiary, and feeCollector.\n function _distributeInvestment(\n uint _value\n ) internal\n {\n // Rounding favors buybackReserve, then beneficiary, and feeCollector is last priority.\n\n // Math: if investment value is < (2^256 - 1) / 10000 this will never overflow.\n // Except maybe with a huge single investment, but they can try again with multiple smaller investments.\n uint reserve = investmentReserveBasisPoints.mul(_value);\n reserve /= BASIS_POINTS_DEN;\n reserve = _value.sub(reserve);\n uint fee = reserve.mul(feeBasisPoints);\n fee /= BASIS_POINTS_DEN;\n\n // Math: since feeBasisPoints is <= BASIS_POINTS_DEN, this will never underflow.\n _transferCurrency(beneficiary, reserve - fee);\n _transferCurrency(feeCollector, fee);\n }\n}\n\"},\"/contracts/math/Sqrt.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\n/*\n @title Calculates the square root of a given value.\n @dev Results may be off by 1.\n /\nlibrary Sqrt {\n /// @notice The max possible value\n uint private constant MAX_UINT = 2256 - 1;\n\n // Source: https://github.com/ethereum/dapp-bin/pull/50\\n function sqrt(uint x) internal pure returns (uint y) {\n if (x == 0) {\n return 0;\n } else if (x <= 3) {\n return 1;\n } else if (x == MAX_UINT) {\n // Without this we fail on x + 1 below\n return 2128 - 1;\n }\n\n uint z = (x + 1) / 2;\n y = x;\n while (z < y) {\n y = z;\n z = (x / z + z) / 2;\n }\n }\n}\n\"},\"/contracts/math/BigDiv.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\nimport \\"@openzeppelin/contracts-ethereum-package/contracts/math/SafeMath.sol\\";\n\n/\n @title Reduces the size of terms before multiplication, to avoid an overflow, and then\n restores the proper size after division.\n @notice This effectively allows us to overflow values in the numerator and/or denominator\n of a fraction, so long as the end result does not overflow as well.\n @dev Results may be off by 1 + 0.000001% for 2x1 calls and 2 + 0.00001% for 2x2 calls.\n Do not use if your contract expects very small result values to be accurate.\n /\nlibrary BigDiv {\n using SafeMath for uint;\n\n /// @notice The max possible value\n uint private constant MAX_UINT = 2256 - 1;\n\n /// @notice When multiplying 2 terms <= this value the result won't overflow\n uint private constant MAX_BEFORE_SQUARE = 2128 - 1;\n\n /// @notice The max error target is off by 1 plus up to 0.000001% error\n /// for bigDiv2x1 and that ` 2for bigDiv2x2\\n uint private constant MAX_ERROR = 100000000;\\n\\n /// @notice A larger error threshold to use when multiple rounding errors may apply\\n uint private constant MAX_ERROR_BEFORE_DIV = MAX_ERROR * 2;\\n\\n /**\\n * @notice Returns the approx result ofa b / d` so long as the result is <= MAX_UINT\n @param _numA the first numerator term\n @param _numB the second numerator term\n @param _den the denominator\n @return the approx result with up to off by 1 + MAX_ERROR, rounding down if needed\n /\n function bigDiv2x1(\n uint _numA,\n uint _numB,\n uint _den\n ) internal pure returns (uint) {\n if (_numA == 0 || _numB == 0) {\n // would div by 0 or underflow if we don't special case 0\n return 0;\n }\n\n uint value;\n\n if (MAX_UINT / _numA >= _numB) {\n // ab does not overflow, return exact math\n value = _numA _numB;\n value /= _den;\n return value;\n }\n\n // Sort numerators\n uint numMax = _numB;\n uint numMin = _numA;\n if (_numA > _numB) {\n numMax = _numA;\n numMin = _numB;\n }\n\n value = numMax / _den;\n if (value > MAX_ERROR) {\n // _den is small enough to be MAX_ERROR or better w/o a factor\n value = value.mul(numMin);\n return value;\n }\n\n // formula = ((a / f) b) / (d / f)\n // factor >= a / sqrt(MAX) (b / sqrt(MAX))\n uint factor = numMin - 1;\n factor /= MAX_BEFORE_SQUARE;\n factor += 1;\n uint temp = numMax - 1;\n temp /= MAX_BEFORE_SQUARE;\n temp += 1;\n if (MAX_UINT / factor >= temp) {\n factor = temp;\n value = numMax / factor;\n if (value > MAX_ERROR_BEFORE_DIV) {\n value = value.mul(numMin);\n temp = _den - 1;\n temp /= factor;\n temp = temp.add(1);\n value /= temp;\n return value;\n }\n }\n\n // formula: (a / (d / f)) (b / f)\n // factor: b / sqrt(MAX)\n factor = numMin - 1;\n factor /= MAX_BEFORE_SQUARE;\n factor += 1;\n value = numMin / factor;\n temp = _den - 1;\n temp /= factor;\n temp += 1;\n temp = numMax / temp;\n value = value.mul(temp);\n return value;\n }\n\n /\n @notice Returns the approx result of `a b / d` so long as the result is <= MAX_UINT\n @param _numA the first numerator term\n @param _numB the second numerator term\n @param _den the denominator\n @return the approx result with up to off by 1 + MAX_ERROR, rounding down if needed\n @dev roundUp is implemented by first rounding down and then adding the max error to the result\n /\n function bigDiv2x1RoundUp(\n uint _numA,\n uint _numB,\n uint _den\n ) internal pure returns (uint) {\n // first get the rounded down result\n uint value = bigDiv2x1(_numA, _numB, _den);\n\n if (value == 0) {\n // when the value rounds down to 0, assume up to an off by 1 error\n return 1;\n }\n\n // round down has a max error of MAX_ERROR, add that to the result\n // for a round up error of <= MAX_ERROR\n uint temp = value - 1;\n temp /= MAX_ERROR;\n temp += 1;\n if (MAX_UINT - value < temp) {\n // value + error would overflow, return MAX\n return MAX_UINT;\n }\n\n value += temp;\n\n return value;\n }\n\n /\n @notice Returns the approx result of `a b / (c d)` so long as the result is <= MAX_UINT\n @param _numA the first numerator term\n @param _numB the second numerator term\n @param _denA the first denominator term\n @param _denB the second denominator term\n @return the approx result with up to off by 2 + MAX_ERROR10 error, rounding down if needed\n @dev this uses bigDiv2x1 and adds additional rounding error so the max error of this\n formula is larger\n /\n function bigDiv2x2(\n uint _numA,\n uint _numB,\n uint _denA,\n uint _denB\n ) internal pure returns (uint) {\n if (MAX_UINT / _denA >= _denB) {\n // denAdenB does not overflow, use bigDiv2x1 instead\n return bigDiv2x1(_numA, _numB, _denA _denB);\n }\n\n if (_numA == 0 || _numB == 0) {\n // would div by 0 or underflow if we don't special case 0\n return 0;\n }\n\n // Sort denominators\n uint denMax = _denB;\n uint denMin = _denA;\n if (_denA > _denB) {\n denMax = _denA;\n denMin = _denB;\n }\n\n uint value;\n\n if (MAX_UINT / _numA >= _numB) {\n // ab does not overflow, usea / d / c\n value = _numA _numB;\n value /= denMin;\n value /= denMax;\n return value;\n }\n\n //ab / cdwhere bothabandcdwould overflow\n\n // Sort numerators\n uint numMax = _numB;\n uint numMin = _numA;\n if (_numA > _numB) {\n numMax = _numA;\n numMin = _numB;\n }\n\n // formula = (a/d) b / c\n uint temp = numMax / denMin;\n if (temp > MAX_ERROR_BEFORE_DIV) {\n return bigDiv2x1(temp, numMin, denMax);\n }\n\n // formula: ((a/f) b) / d then either f / c or / c f\n // factor >= a / sqrt(MAX) (b / sqrt(MAX))\n uint factor = numMin - 1;\n factor /= MAX_BEFORE_SQUARE;\n factor += 1;\n temp = numMax - 1;\n temp /= MAX_BEFORE_SQUARE;\n temp += 1;\n if (MAX_UINT / factor >= temp) {\n factor = temp;\n\n value = numMax / factor;\n if (value > MAX_ERROR_BEFORE_DIV) {\n value = value.mul(numMin);\n value /= denMin;\n if (value > 0 && MAX_UINT / value >= factor) {\n value = factor;\n value /= denMax;\n return value;\n }\n }\n }\n\n // formula: (a/f) b / ((cd)/f)\n // factor >= c / sqrt(MAX) (d / sqrt(MAX))\n factor = denMin;\n factor /= MAX_BEFORE_SQUARE;\n temp = denMax;\n // + 1 here prevents overflow of factortemp\n temp /= MAX_BEFORE_SQUARE + 1;\n factor = temp;\n return bigDiv2x1(numMax / factor, numMin, MAX_UINT);\n }\n}\n\"},\"/contracts/interfaces/IWhitelist.sol\":{\"content\":\"pragma solidity 0.5.17;\n\n/\n Source: https://raw.githubusercontent.com/simple-restricted-token/reference-implementation/master/contracts/token/ERC1404/ERC1404.sol\\n With ERC-20 APIs removed (will be implemented as a separate contract).\n And adding authorizeTransfer.\n /\ninterface IWhitelist {\n /\n @notice Detects if a transfer will be reverted and if so returns an appropriate reference code\n @param from Sending address\n @param to Receiving address\n @param value Amount of tokens being transferred\n @return Code by which to reference message for rejection reasoning\n @dev Overwrite with your custom transfer restriction logic\n */\n function detectTransferRestriction(\n address from,\n address to,\n uint value\n ) external view returns (uint8);\n\n /\n @notice Returns a human-readable message for a given restriction code\n @param restrictionCode Identifier for looking up a message\n @return Text showing the restriction's reasoning\n @dev Overwrite with your custom message and restrictionCode handling\n */\n function messageForTransferRestriction(uint8 restrictionCode)\n external\n pure\n returns (string memory);\n\n /*\n @notice Called by the DAT contract before a transfer occurs.\n @dev This call will revert when the transfer is not authorized.\n This is a mutable call to allow additional data to be recorded,\n such as when the user aquired their tokens.\n /\n function authorizeTransfer(\n address _from,\n address _to,\n uint _value,\n bool _isSell\n ) external;\n\n function walletActivated(\n address _wallet\n ) external returns(bool);\n}\n\"},\"/contracts/interfaces/IERC20Detailed.sol\":{\"content\":\"pragma solidity 0.5.17;\n\ninterface IERC20Detailed {\n /\n @dev Returns the number of decimals used to get its user representation.\n For example, ifdecimalsequals2, a balance of505tokens should\n * be displayed to a user as5,05(505 / 10 ** 2).\n \n Tokens usually opt for a value of 18, imitating the relationship between\n Ether and Wei.\n \n NOTE: This information is only used for display purposes: it in\n no way affects any of the arithmetic of the contract, including\n {IERC20-balanceOf} and {IERC20-transfer}.\n /\n function decimals() external view returns (uint8);\n}\n\"},\"/contracts/ContinuousOffering.sol\":{\"content\":\"pragma solidity 0.5.17;\n\nimport \\"./interfaces/IWhitelist.sol\\";\nimport \\"./interfaces/IERC20Detailed.sol\\";\nimport \\"./math/BigDiv.sol\\";\nimport \\"./math/Sqrt.sol\\";\nimport \\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/IERC20.sol\\";\nimport \\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/SafeERC20.sol\\";\nimport \\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/ERC20.sol\\";\nimport \\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/ERC20Detailed.sol\\";\nimport \\"@openzeppelin/contracts-ethereum-package/contracts/math/SafeMath.sol\\";\nimport \\"@openzeppelin/contracts-ethereum-package/contracts/utils/Address.sol\\";\n\n\n/\n @title Continuous Offering abstract contract\n @notice A shared base for various offerings from Fairmint.\n */\ncontract ContinuousOffering\n is ERC20, ERC20Detailed\n{\n using SafeMath for uint;\n using Sqrt for uint;\n using SafeERC20 for IERC20;\n\n /\n Events\n /\n\n event Buy(\n address indexed _from,\n address indexed _to,\n uint _currencyValue,\n uint _fairValue\n );\n event Sell(\n address indexed _from,\n address indexed _to,\n uint _currencyValue,\n uint _fairValue\n );\n event Burn(\n address indexed _from,\n uint _fairValue\n );\n event StateChange(\n uint _previousState,\n uint _newState\n );\n\n /\n Constants\n /\n\n /// @notice The default state\n uint internal constant STATE_INIT = 0;\n\n /// @notice The state after initGoal has been reached\n uint internal constant STATE_RUN = 1;\n\n /// @notice The state after closed by thebeneficiaryaccount from STATE_RUN\n uint internal constant STATE_CLOSE = 2;\n\n /// @notice The state after closed by thebeneficiaryaccount from STATE_INIT\n uint internal constant STATE_CANCEL = 3;\n\n /// @notice When multiplying 2 terms, the max value is 2^128-1\n uint internal constant MAX_BEFORE_SQUARE = 2128 - 1;\n\n /// @notice The denominator component for values specified in basis points.\n uint internal constant BASIS_POINTS_DEN = 10000;\n\n /// @notice The maxtotalSupply() + burnedSupply\n /// @dev This limit ensures that the DAT's formulas do not overflow (<MAX_BEFORE_SQUARE/2)\n uint internal constant MAX_SUPPLY = 10 38;\n\n /\n Data specific to our token business logic\n /\n\n /// @notice The contract for transfer authorizations, if any.\n IWhitelist public whitelist;\n\n /// @notice The total number of burned FAIR tokens, excluding tokens burned from aSellaction in the DAT.\n uint public burnedSupply;\n\n /\n Data for DAT business logic\n /\n\n /// @dev unused slot which remains to ensure compatible upgrades\n bool private autoBurn;\n\n /// @notice The address of the beneficiary organization which receives the investments.\n /// Points to the wallet of the organization.\n address payable public beneficiary;\n\n /// @notice The buy slope of the bonding curve.\n /// Does not affect the financial model, only the granularity of FAIR.\n /// @dev This is the numerator component of the fractional value.\n uint public buySlopeNum;\n\n /// @notice The buy slope of the bonding curve.\n /// Does not affect the financial model, only the granularity of FAIR.\n /// @dev This is the denominator component of the fractional value.\n uint public buySlopeDen;\n\n /// @notice The address from which the updatable variables can be updated\n address public control;\n\n /// @notice The address of the token used as reserve in the bonding curve\n /// (e.g. the DAI contract). Use ETH if 0.\n IERC20 public currency;\n\n /// @notice The address where fees are sent.\n address payable public feeCollector;\n\n /// @notice The percent fee collected each time new FAIR are issued expressed in basis points.\n uint public feeBasisPoints;\n\n /// @notice The initial fundraising goal (expressed in FAIR) to start the c-org.\n ///0means that there is no initial fundraising and the c-org immediately moves to run state.\n uint public initGoal;\n\n /// @notice A map with all investors in init state using address as a key and amount as value.\n /// @dev This structure's purpose is to make sure that only investors can withdraw their money if init_goal is not reached.\n mapping(address => uint) public initInvestors;\n\n /// @notice The initial number of FAIR created at initialization for the beneficiary.\n /// Technically however, this variable is not a constant as we must always have\n ///init_reserve>=total_supply+burnt_supplywhich means thatinit_reservewill be automatically\n /// decreased to equaltotal_supply+burnt_supplyin caseinit_reserve>total_supply+burnt_supply\n /// after an investor sells his FAIRs.\n /// @dev Organizations may move these tokens into vesting contract(s)\n uint public initReserve;\n\n /// @notice The investment reserve of the c-org. Defines the percentage of the value invested that is\n /// automatically funneled and held into the buyback_reserve expressed in basis points.\n /// Internal since this is n/a to all derivative contracts.\n uint internal investmentReserveBasisPoints;\n\n /// @dev unused slot which remains to ensure compatible upgrades\n uint private openUntilAtLeast;\n\n /// @notice The minimum amount ofcurrencyinvestment accepted.\n uint public minInvestment;\n\n /// @dev The revenue commitment of the organization. Defines the percentage of the value paid through the contract\n /// that is automatically funneled and held into the buyback_reserve expressed in basis points.\n /// Internal since this is n/a to all derivative contracts.\n uint internal revenueCommitmentBasisPoints;\n\n /// @notice The current state of the contract.\n /// @dev See the constants above for possible state values.\n uint public state;\n\n /// @dev If this value changes we need to reconstruct the DOMAIN_SEPARATOR\n string public constant version = \\"3\\";\n // --- EIP712 niceties ---\n // Original source: https://etherscan.io/address/0x6b175474e89094c44da98b954eedeac495271d0f#code\\n mapping (address => uint) public nonces;\n bytes32 public DOMAIN_SEPARATOR;\n // keccak256(\\"Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)\\");\n bytes32 public constant PERMIT_TYPEHASH = 0x6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c9;\n\n // The success fee (expressed in currency) that will be earned by setupFeeRecipient as soon as initGoal\n // is reached. We must have setup_fee <= buy_slope*init_goal^(2)/2\n uint public setupFee;\n\n // The recipient of the setup_fee once init_goal is reached\n address payable public setupFeeRecipient;\n\n /// @notice The minimum time before which the c-org contract cannot be closed once the contract has\n /// reached therunstate.\n /// @dev When updated, the new value ofminimum_durationcannot be earlier than the previous value.\n uint public minDuration;\n\n /// @dev Initialized at0and updated when the contract switches frominitstate torunstate\n /// or when the initial trial period ends.\n uint public __startedOn;\n\n /// @notice The max possible value\n uint internal constant MAX_UINT = 2256 - 1;\n\n // keccak256(\\"PermitBuy(address from,address to,uint256 currencyValue,uint256 minTokensBought,uint256 nonce,uint256 deadline)\\");\n bytes32 public constant PERMIT_BUY_TYPEHASH = 0xaf42a244b3020d6a2253d9f291b4d3e82240da42b22129a8113a58aa7a3ddb6a;\n\n // keccak256(\\"PermitSell(address from,address to,uint256 quantityToSell,uint256 minCurrencyReturned,uint256 nonce,uint256 deadline)\\");\n bytes32 public constant PERMIT_SELL_TYPEHASH = 0x5dfdc7fb4c68a4c249de5e08597626b84fbbe7bfef4ed3500f58003e722cc548;\n\n modifier authorizeTransfer(\n address _from,\n address _to,\n uint _value,\n bool _isSell\n )\n {\n if(address(whitelist) != address(0))\n {\n // This is not set for the minting of initialReserve\n whitelist.authorizeTransfer(_from, _to, _value, isSell);\n }\n ;\n }\n\n /\n Buyback reserve\n /\n\n /// @notice The total amount of currency value currently locked in the contract and available to sellers.\n function buybackReserve() public view returns (uint)\n {\n uint reserve = address(this).balance;\n if(address(currency) != address(0))\n {\n reserve = currency.balanceOf(address(this));\n }\n\n if(reserve > MAX_BEFORE_SQUARE)\n {\n /// Math: If the reserve becomes excessive, cap the value to prevent overflowing in other formulas\n return MAX_BEFORE_SQUARE;\n }\n\n return reserve;\n }\n\n /\n Functions required by the ERC-20 token standard\n /\n\n /// @dev Moves tokens from one account to another if authorized.\n function _transfer(\n address _from,\n address _to,\n uint _amount\n ) internal\n authorizeTransfer(_from, _to, _amount, false)\n {\n require(state != STATE_INIT || _from == beneficiary, \\"ONLY_BENEFICIARY_DURING_INIT\\");\n super._transfer(_from, _to, _amount);\n }\n\n /// @dev Removes tokens from the circulating supply.\n function _burn(\n address _from,\n uint _amount,\n bool _isSell\n ) internal\n authorizeTransfer(_from, address(0), _amount, _isSell)\n {\n super._burn(_from, _amount);\n\n if(!_isSell)\n {\n // This is a burn\n require(state == STATE_RUN, \\"INVALID_STATE\\");\n // SafeMath not required as we cap how high this value may get during mint\n burnedSupply += _amount;\n emit Burn(_from, _amount);\n }\n }\n\n /// @notice Called to mint tokens onbuy.\n function _mint(\n address _to,\n \n uint _quantity\n ) internal\n authorizeTransfer(address(0), _to, _quantity, false)\n {\n super._mint(_to, _quantity);\n\n // Math: If this value got too large, the DAT may overflow on sell\n require(totalSupply().add(burnedSupply) <= MAX_SUPPLY, \\"EXCESSIVE_SUPPLY\\");\n }\n\n /\n Transaction Helpers\n /\n\n /// @notice Confirms the transfer of_quantityToInvestcurrency to the contract.\n function _collectInvestment(\n address payable _from,\n uint _quantityToInvest,\n uint _msgValue,\n bool _refundRemainder\n ) internal\n {\n if(address(currency) == address(0))\n {\n // currency is ETH\n if(_refundRemainder)\n {\n // Math: if _msgValue was not sufficient then revert\n uint refund = _msgValue.sub(_quantityToInvest);\n if(refund > 0)\n {\n Address.sendValue(msg.sender, refund);\n }\n }\n else\n {\n require(_quantityToInvest == _msgValue, \\"INCORRECT_MSG_VALUE\\");\n }\n }\n else\n {\n // currency is ERC20\n require(_msgValue == 0, \\"DO_NOT_SEND_ETH\\");\n\n currency.safeTransferFrom(_from, address(this), _quantityToInvest);\n }\n }\n\n /// @dev Send_amountcurrency from the contract to the_toaccount.\n function _transferCurrency(\n address payable _to,\n uint _amount\n ) internal\n {\n if(_amount > 0)\n {\n if(address(currency) == address(0))\n {\n Address.sendValue(_to, _amount);\n }\n else\n {\n currency.safeTransfer(_to, _amount);\n }\n }\n }\n\n /\n Config / Control\n /\n\n /// @notice Called once after deploy to set the initial configuration.\n /// None of the values provided here may change once initially set.\n /// @dev using the init pattern in order to support zos upgrades\n function _initialize(\n uint _initReserve,\n address _currencyAddress,\n uint _initGoal,\n uint _buySlopeNum,\n uint _buySlopeDen,\n uint _setupFee,\n address payable _setupFeeRecipient,\n string memory _name,\n string memory _symbol\n ) internal\n {\n // The ERC-20 implementation will confirm initialize is only run once\n ERC20Detailed.initialize(_name, _symbol, 18);\n\n require(_buySlopeNum > 0, \\"INVALID_SLOPE_NUM\\");\n require(_buySlopeDen > 0, \\"INVALID_SLOPE_DEN\\");\n require(_buySlopeNum < MAX_BEFORE_SQUARE, \\"EXCESSIVE_SLOPE_NUM\\");\n require(_buySlopeDen < MAX_BEFORE_SQUARE, \\"EXCESSIVE_SLOPE_DEN\\");\n buySlopeNum = _buySlopeNum;\n buySlopeDen = _buySlopeDen;\n\n // Setup Fee\n require(_setupFee == 0 || _setupFeeRecipient != address(0), \\"MISSING_SETUP_FEE_RECIPIENT\\");\n require(_setupFeeRecipient == address(0) || _setupFee != 0, \\"MISSING_SETUP_FEE\\");\n // setup_fee <= (n/d)(g^2)/2\n uint initGoalInCurrency = _initGoal _initGoal;\n initGoalInCurrency = initGoalInCurrency.mul(_buySlopeNum);\n initGoalInCurrency /= 2 _buySlopeDen;\n require(_setupFee <= initGoalInCurrency, \\"EXCESSIVE_SETUP_FEE\\");\n setupFee = _setupFee;\n setupFeeRecipient = _setupFeeRecipient;\n\n // Set default values (which may be updated usingupdateConfig)\n uint decimals = 18;\n if(_currencyAddress != address(0))\n {\n decimals = IERC20Detailed(_currencyAddress).decimals();\n }\n minInvestment = 100 (10 decimals);\n beneficiary = msg.sender;\n control = msg.sender;\n feeCollector = msg.sender;\n\n // Save currency\n currency = IERC20(_currencyAddress);\n\n // Mint the initial reserve\n if(_initReserve > 0)\n {\n initReserve = _initReserve;\n _mint(beneficiary, initReserve);\n }\n\n initializeDomainSeparator();\n }\n\n /// @notice Used to initialize the domain separator used in meta-transactions\n /// @dev This is separate frominitializeto allow upgraded contracts to update the version\n /// There is no harm in calling this multiple times / no permissions required\n function initializeDomainSeparator() public\n {\n uint id;\n // solium-disable-next-line\n assembly\n {\n id := chainid()\n }\n DOMAIN_SEPARATOR = keccak256(\n abi.encode(\n keccak256(\\"EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)\\"),\n keccak256(bytes(name())),\n keccak256(bytes(version)),\n id,\n address(this)\n )\n );\n }\n\n function _updateConfig(\n address _whitelistAddress,\n address payable _beneficiary,\n address _control,\n address payable _feeCollector,\n uint _feeBasisPoints,\n uint _minInvestment,\n uint _minDuration\n ) internal\n {\n // This require(also confirms that initialize has been called.\n require(msg.sender == control, \\"CONTROL_ONLY\\");\n\n // address(0) is okay\n whitelist = IWhitelist(_whitelistAddress);\n\n require(_control != address(0), \\"INVALID_ADDRESS\\");\n control = _control;\n\n require(_feeCollector != address(0), \\"INVALID_ADDRESS\\");\n feeCollector = _feeCollector;\n\n require(_feeBasisPoints <= BASIS_POINTS_DEN, \\"INVALID_FEE\\");\n feeBasisPoints = _feeBasisPoints;\n\n require(_minInvestment > 0, \\"INVALID_MIN_INVESTMENT\\");\n minInvestment = _minInvestment;\n\n require(_minDuration >= minDuration, \\"MIN_DURATION_MAY_NOT_BE_REDUCED\\");\n minDuration = _minDuration;\n\n if(beneficiary != _beneficiary)\n {\n require(_beneficiary != address(0), \\"INVALID_ADDRESS\\");\n uint tokens = balanceOf(beneficiary);\n initInvestors[_beneficiary] = initInvestors[_beneficiary].add(initInvestors[beneficiary]);\n initInvestors[beneficiary] = 0;\n if(tokens > 0)\n {\n _transfer(beneficiary, _beneficiary, tokens);\n }\n beneficiary = _beneficiary;\n }\n }\n\n /\n Functions for our business logic\n /\n\n /// @notice Burn the amount of tokens from the address msg.sender if authorized.\n /// @dev Note that this is not the same as asellvia the DAT.\n function burn(\n uint _amount\n ) public\n {\n _burn(msg.sender, _amount, false);\n }\n\n /// @notice Burn the amount of tokens from the given address if approved.\n function burnFrom(\n address _from,\n uint _amount\n ) public\n {\n _approve(_from, msg.sender, allowance(_from, msg.sender).sub(_amount, \\"ERC20: burn amount exceeds allowance\\"));\n _burn(_from, _amount, false);\n }\n\n // Buy\n\n /// @dev Distributes _value currency between the buybackReserve, beneficiary, and feeCollector.\n function _distributeInvestment(uint _value) internal;\n\n /// @notice Calculate how many FAIR tokens you would buy with the given amount of currency ifbuywas called now.\n /// @param _currencyValue How much currency to spend in order to buy FAIR.\n function estimateBuyValue(\n uint _currencyValue\n ) public view\n returns (uint)\n {\n if(_currencyValue < minInvestment)\n {\n return 0;\n }\n\n /// Calculate the tokenValue for this investment\n uint tokenValue;\n if(state == STATE_INIT)\n {\n uint currencyValue = _currencyValue;\n uint _totalSupply = totalSupply();\n // (buy_slopeinit_goal)(init_goal+init_reserve-total_supply)\n // n/d: buy_slope (MAX_BEFORE_SQUARE / MAX_BEFORE_SQUARE)\n // g: init_goal (MAX_BEFORE_SQUARE)\n // t: total_supply (MAX_BEFORE_SQUARE)\n // r: init_reserve (MAX_BEFORE_SQUARE)\n // source: ((n/d)g)(g+r-t)\n // impl: (g n (g + r - t))/(d)\n uint max = BigDiv.bigDiv2x1(\n initGoal buySlopeNum,\n initGoal + initReserve - _totalSupply,\n buySlopeDen\n );\n if(currencyValue > max)\n {\n currencyValue = max;\n }\n // Math: worst case\n // MAX MAX_BEFORE_SQUARE\n // / MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE\n tokenValue = BigDiv.bigDiv2x1(\n currencyValue,\n buySlopeDen,\n initGoal buySlopeNum\n );\n\n if(currencyValue != _currencyValue)\n {\n currencyValue = _currencyValue - max;\n // ((2next_amount/buy_slope)+init_goal^2)^(1/2)-init_goal\n // a: next_amount | currencyValue\n // n/d: buy_slope (MAX_BEFORE_SQUARE / MAX_BEFORE_SQUARE)\n // g: init_goal (MAX_BEFORE_SQUARE/2)\n // r: init_reserve (MAX_BEFORE_SQUARE/2)\n // sqrt(((2a/(n/d))+g^2)-g\n // sqrt((2 d a + n g^2)/n) - g\n\n // currencyValue == 2 d a\n uint temp = 2 buySlopeDen;\n currencyValue = temp.mul(currencyValue);\n\n // temp == g^2\n temp = initGoal;\n temp = temp;\n\n // temp == n g^2\n temp = temp.mul(buySlopeNum);\n\n // temp == (2 d a) + n g^2\n temp = currencyValue.add(temp);\n\n // temp == (2 d a + n g^2)/n\n temp /= buySlopeNum;\n\n // temp == sqrt((2 d a + n g^2)/n)\n temp = temp.sqrt();\n\n // temp == sqrt((2 d a + n g^2)/n) - g\n temp -= initGoal;\n\n tokenValue = tokenValue.add(temp);\n }\n }\n else if(state == STATE_RUN)\n {\n // initReserve is reduced on sell as necessary to ensure that this line will not overflow\n uint supply = totalSupply() + burnedSupply - initReserve;\n // Math: worst case\n // MAX 2 MAX_BEFORE_SQUARE\n // / MAX_BEFORE_SQUARE\n tokenValue = BigDiv.bigDiv2x1(\n _currencyValue,\n 2 buySlopeDen,\n buySlopeNum\n );\n\n // Math: worst case MAX + (MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE)\n tokenValue = tokenValue.add(supply supply);\n tokenValue = tokenValue.sqrt();\n\n // Math: small chance of underflow due to possible rounding in sqrt\n tokenValue = tokenValue.sub(supply);\n }\n else\n {\n // invalid state\n return 0;\n }\n\n return tokenValue;\n }\n\n function _buy(\n address payable _from,\n address _to,\n uint _currencyValue,\n uint _minTokensBought\n ) internal\n {\n require(_to != address(0), \\"INVALID_ADDRESS\\");\n require(_minTokensBought > 0, \\"MUST_BUY_AT_LEAST_1\\");\n\n // Calculate the tokenValue for this investment\n uint tokenValue = estimateBuyValue(_currencyValue);\n require(tokenValue >= _minTokensBought, \\"PRICE_SLIPPAGE\\");\n\n emit Buy(_from, _to, _currencyValue, tokenValue);\n\n _collectInvestment(_from, _currencyValue, msg.value, false);\n\n // Update state, initInvestors, and distribute the investment when appropriate\n if(state == STATE_INIT)\n {\n // Math worst case: MAX_BEFORE_SQUARE\n initInvestors[_to] += tokenValue;\n // Math worst case:\n // MAX_BEFORE_SQUARE + MAX_BEFORE_SQUARE\n if(totalSupply() + tokenValue - initReserve >= initGoal)\n {\n emit StateChange(state, STATE_RUN);\n state = STATE_RUN;\n __startedOn = block.timestamp;\n\n // Math worst case:\n // MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE/2\n // / MAX_BEFORE_SQUARE\n uint beneficiaryContribution = BigDiv.bigDiv2x1(\n initInvestors[beneficiary],\n buySlopeNum initGoal,\n buySlopeDen\n );\n\n if(setupFee > 0)\n {\n _transferCurrency(setupFeeRecipient, setupFee);\n if(beneficiaryContribution > setupFee)\n {\n beneficiaryContribution -= setupFee;\n }\n else\n {\n beneficiaryContribution = 0;\n }\n }\n\n _distributeInvestment(buybackReserve().sub(beneficiaryContribution));\n }\n }\n else // implied: if(state == STATE_RUN)\n {\n if(_to != beneficiary)\n {\n _distributeInvestment(_currencyValue);\n }\n }\n\n _mint(_to, tokenValue);\n }\n\n /// @notice Purchase FAIR tokens with the given amount of currency.\n /// @param _to The account to receive the FAIR tokens from this purchase.\n /// @param _currencyValue How much currency to spend in order to buy FAIR.\n /// @param _minTokensBought Buy at least this many FAIR tokens or the transaction reverts.\n /// @dev _minTokensBought is necessary as the price will change if some elses transaction mines after\n /// yours was submitted.\n function buy(\n address _to,\n uint _currencyValue,\n uint _minTokensBought\n ) public payable\n {\n _buy(msg.sender, _to, _currencyValue, _minTokensBought);\n }\n\n /// @notice Allow users to sign a message authorizing a buy\n function permitBuy(\n address payable _from,\n address _to,\n uint _currencyValue,\n uint _minTokensBought,\n uint _deadline,\n uint8 _v,\n bytes32 _r,\n bytes32 _s\n ) external\n {\n require(_deadline >= block.timestamp, \\"EXPIRED\\");\n bytes32 digest = keccak256(abi.encode(PERMIT_BUY_TYPEHASH, _from, _to, _currencyValue, _minTokensBought, nonces[_from]++, _deadline));\n digest = keccak256(\n abi.encodePacked(\n \\"\\x19\\x01\\",\n DOMAIN_SEPARATOR,\n digest\n )\n );\n address recoveredAddress = ecrecover(digest, _v, _r, _s);\n require(recoveredAddress != address(0) && recoveredAddress == _from, \\"INVALID_SIGNATURE\\");\n _buy(_from, _to, _currencyValue, _minTokensBought);\n }\n\n /// Sell\n\n function estimateSellValue(\n uint _quantityToSell\n ) public view\n returns(uint)\n {\n uint reserve = buybackReserve();\n\n // Calculate currencyValue for this sale\n uint currencyValue;\n if(state == STATE_RUN)\n {\n uint supply = totalSupply() + burnedSupply;\n\n // buyback_reserve = r\n // total_supply = t\n // burnt_supply = b\n // amount = a\n // source: (t+b)a(2r)/((t+b)^2)-(((2r)/((t+b)^2)a^2)/2)+((2r)/((t+b)^2)ab^2)/(2(t))\n // imp: (a b^2 r)/(t (b + t)^2) + (2 a r)/(b + t) - (a^2 r)/(b + t)^2\n\n // Math: burnedSupply is capped in FAIR such that the square will never overflow\n // Math worst case:\n // MAX MAX_BEFORE_SQUARE MAX_BEFORE_SQUARE/2 MAX_BEFORE_SQUARE/2\n // / MAX_BEFORE_SQUARE/2 MAX_BEFORE_SQUARE/2 MAX_BEFORE_SQUARE/2\n currencyValue = BigDiv.bigDiv2x2(\n _quantityToSell.mul(reserve),\n burnedSupply burnedSupply,\n totalSupply(), supply supply\n );\n // Math: worst case currencyValue is MAX_BEFORE_SQUARE (max reserve, 1 supply)\n\n // Math worst case:\n // MAX 2 MAX_BEFORE_SQUARE\n uint temp = _quantityToSell.mul(2 reserve);\n temp /= supply;\n // Math: worst-case temp is MAX_BEFORE_SQUARE (max reserve, 1 supply)\n\n // Math: considering the worst-case for currencyValue and temp, this can never overflow\n currencyValue += temp;\n\n // Math: worst case\n // MAX MAX MAX_BEFORE_SQUARE\n // / MAX_BEFORE_SQUARE/2 MAX_BEFORE_SQUARE/2\n temp = BigDiv.bigDiv2x1RoundUp(\n _quantityToSell.mul(_quantityToSell),\n reserve,\n supply supply\n );\n if(currencyValue > temp)\n {\n currencyValue -= temp;\n }\n else\n {\n currencyValue = 0;\n }\n }\n else if(state == STATE_CLOSE)\n {\n // Math worst case\n // MAX MAX_BEFORE_SQUARE\n currencyValue = _quantityToSell.mul(reserve);\n currencyValue /= totalSupply();\n }\n else\n {\n // STATE_INIT or STATE_CANCEL\n // Math worst case:\n // MAX * MAX_BEFORE_SQUARE\n currencyValue = _quantityToSell.mul(reserve);\n // Math: FAIR blocks initReserve from being burned unless we reach the RUN state which prevents an underflow\n currencyValue /= totalSupply() - initReserve;\n }\n\n return currencyValue;\n }\n\n function _sell(\n address _from,\n address payable _to,\n uint _quantityToSell,\n uint _minCurrencyReturned\n ) internal\n {\n require(_from != beneficiary || state >= STATE_CLOSE, \\"BENEFICIARY_ONLY_SELL_IN_CLOSE_OR_CANCEL\\");\n require(_minCurrencyReturned > 0, \\"MUST_SELL_AT_LEAST_1\\");\n\n uint currencyValue = estimateSellValue(_quantityToSell);\n require(currencyValue >= _minCurrencyReturned, \\"PRICE_SLIPPAGE\\");\n\n if(state == STATE_INIT || state == STATE_CANCEL)\n {\n initInvestors[_from] = initInvestors[_from].sub(_quantityToSell);\n }\n\n _burn(_from, _quantityToSell, true);\n uint supply = totalSupply() + burnedSupply;\n if(supply < initReserve)\n {\n initReserve = supply;\n }\n\n _transferCurrency(_to, currencyValue);\n emit Sell(_from, _to, currencyValue, _quantityToSell);\n }\n\n /// @notice Sell FAIR tokens for at least the given amount of currency.\n /// @param _to The account to receive the currency from this sale.\n /// @param _quantityToSell How many FAIR tokens to sell for currency value.\n /// @param _minCurrencyReturned Get at least this many currency tokens or the transaction reverts.\n /// @dev _minCurrencyReturned is necessary as the price will change if some elses transaction mines after\n /// yours was submitted.\n function sell(\n address payable _to,\n uint _quantityToSell,\n uint _minCurrencyReturned\n ) public\n {\n _sell(msg.sender, _to, _quantityToSell, _minCurrencyReturned);\n }\n\n /// @notice Allow users to sign a message authorizing a sell\n function permitSell(\n address _from,\n address payable _to,\n uint _quantityToSell,\n uint _minCurrencyReturned,\n uint _deadline,\n uint8 _v,\n bytes32 _r,\n bytes32 _s\n ) external\n {\n require(_deadline >= block.timestamp, \\"EXPIRED\\");\n bytes32 digest = keccak256(abi.encode(PERMIT_SELL_TYPEHASH, _from, _to, _quantityToSell, _minCurrencyReturned, nonces[_from]++, _deadline));\n digest = keccak256(\n abi.encodePacked(\n \\"\\x19\\x01\\",\n DOMAIN_SEPARATOR,\n digest\n )\n );\n address recoveredAddress = ecrecover(digest, _v, _r, _s);\n require(recoveredAddress != address(0) && recoveredAddress == _from, \\"INVALID_SIGNATURE\\");\n _sell(_from, _to, _quantityToSell, _minCurrencyReturned);\n }\n\n /// Close\n\n /// @notice Called by the beneficiary account to STATE_CLOSE or STATE_CANCEL the c-org,\n /// preventing any more tokens from being minted.\n /// @dev Requires anexitFeeto be paid. If the currency is ETH, include a little more than\n /// what appears to be required and any remainder will be returned to your account. This is\n /// because another user may have a transaction mined which changes the exitFee required.\n /// For othercurrencytypes, the beneficiary account will be billed the exact amount required.\n function _close() internal\n {\n require(msg.sender == beneficiary, \\"BENEFICIARY_ONLY\\");\n\n if(state == STATE_INIT)\n {\n // Allow the org to cancel anytime if the initGoal was not reached.\n emit StateChange(state, STATE_CANCEL);\n state = STATE_CANCEL;\n }\n else if(state == STATE_RUN)\n {\n // Collect the exitFee and close the c-org.\n require(MAX_UINT - minDuration > startedOn, \\"MAY_NOT_CLOSE\\");\n require(minDuration + startedOn <= block.timestamp, \\"TOO_EARLY\\");\n\n emit StateChange(state, STATE_CLOSE);\n state = STATE_CLOSE;\n }\n else\n {\n revert(\\"INVALID_STATE\\");\n }\n }\n\n // --- Approve by signature ---\n // EIP-2612\n // Original source: https://github.com/Uniswap/uniswap-v2-core/blob/master/contracts/UniswapV2ERC20.sol\\n function permit(\n address owner,\n address spender,\n uint value,\n uint deadline,\n uint8 v,\n bytes32 r,\n bytes32 s\n ) external\n {\n require(deadline >= block.timestamp, \\"EXPIRED\\");\n bytes32 digest = keccak256(abi.encode(PERMIT_TYPEHASH, owner, spender, value, nonces[owner]++, deadline));\n digest = keccak256(\n abi.encodePacked(\n \\"\\x19\\x01\\",\n DOMAIN_SEPARATOR,\n digest\n )\n );\n address recoveredAddress = ecrecover(digest, v, r, s);\n require(recoveredAddress != address(0) && recoveredAddress == owner, \\"INVALID_SIGNATURE\\");\n _approve(owner, spender, value);\n }\n\n uint256[50] private gap;\n}\n\"},\"@openzeppelin/upgrades/contracts/Initializable.sol\":{\"content\":\"pragma solidity >=0.4.24 <0.7.0;\n\n\n/\n @title Initializable\n \n @dev Helper contract to support initializer functions. To use it, replace\n the constructor with a function that has theinitializermodifier.\n WARNING: Unlike constructors, initializer functions must be manually\n invoked. This applies both to deploying an Initializable contract, as well\n as extending an Initializable contract via inheritance.\n WARNING: When used with inheritance, manual care must be taken to not invoke\n a parent initializer twice, or ensure that all initializers are idempotent,\n because this is not dealt with automatically as with constructors.\n */\ncontract Initializable {\n\n /\n @dev Indicates that the contract has been initialized.\n /\n bool private initialized;\n\n /\n @dev Indicates that the contract is in the process of being initialized.\n /\n bool private initializing;\n\n /\n @dev Modifier to use in the initializer function of a contract.\n /\n modifier initializer() {\n require(initializing || isConstructor() || !initialized, \\"Contract instance has already been initialized\\");\n\n bool isTopLevelCall = !initializing;\n if (isTopLevelCall) {\n initializing = true;\n initialized = true;\n }\n\n _;\n\n if (isTopLevelCall) {\n initializing = false;\n }\n }\n\n /// @dev Returns true if and only if the function is running in the constructor\n function isConstructor() private view returns (bool) {\n // extcodesize checks the size of the code stored in an address, and\n // address returns the current address. Since the code is still not\n // deployed when running a constructor, any checks on its code size will\n // yield zero, making it an effective way to detect if a contract is\n // under construction or not.\n address self = address(this);\n uint256 cs;\n assembly { cs := extcodesize(self) }\n return cs == 0;\n }\n\n // Reserved storage space to allow for layout changes in the future.\n uint256[50] private __gap;\n}\n\"},\"@openzeppelin/contracts-ethereum-package/contracts/utils/Address.sol\":{\"content\":\"pragma solidity ^0.5.5;\n\n/\n @dev Collection of functions related to the address type\n /\nlibrary Address {\n /\n @dev Returns true ifaccountis a contract.\n \n [IMPORTANT]\n ====\n It is unsafe to assume that an address for which this function returns\n false is an externally-owned account (EOA) and not a contract.\n \n Among others,isContractwill return false for the following \n types of addresses:\n \n - an externally-owned account\n - a contract in construction\n - an address where a contract will be created\n - an address where a contract lived, but was destroyed\n ====\n /\n function isContract(address account) internal view returns (bool) {\n // According to EIP-1052, 0x0 is the value returned for not-yet created accounts\n // and 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470 is returned\n // for accounts without code, i.e.keccak256('')\n bytes32 codehash;\n bytes32 accountHash = 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470;\n // solhint-disable-next-line no-inline-assembly\n assembly { codehash := extcodehash(account) }\n return (codehash != accountHash && codehash != 0x0);\n }\n\n /\n @dev Converts anaddressintoaddress payable. Note that this is\n simply a type cast: the actual underlying value is not changed.\n \n Available since v2.4.0.\n */\n function toPayable(address account) internal pure returns (address payable) {\n return address(uint160(account));\n }\n\n /\n @dev Replacement for Solidity'stransfer: sendsamountwei to\nrecipient, forwarding all available gas and reverting on errors.\n \n https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost\n of certain opcodes, possibly making contracts go over the 2300 gas limit\n imposed bytransfer, making them unable to receive funds via\ntransfer. {sendValue} removes this limitation.\n \n https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].\n \n IMPORTANT: because control is transferred torecipient, care must be\n taken to not create reentrancy vulnerabilities. Consider using\n {ReentrancyGuard} or the\n https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].\n \n Available since v2.4.0.\n */\n function sendValue(address payable recipient, uint256 amount) internal {\n require(address(this).balance >= amount, \\"Address: insufficient balance\\");\n\n // solhint-disable-next-line avoid-call-value\n (bool success, ) = recipient.call.value(amount)(\\"\\");\n require(success, \\"Address: unable to send value, recipient may have reverted\\");\n }\n}\n\"},\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/SafeERC20.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\nimport \\"./IERC20.sol\\";\nimport \\"../../math/SafeMath.sol\\";\nimport \\"../../utils/Address.sol\\";\n\n/\n @title SafeERC20\n @dev Wrappers around ERC20 operations that throw on failure (when the token\n contract returns false). Tokens that return no value (and instead revert or\n throw on failure) are also supported, non-reverting calls are assumed to be\n successful.\n To use this library you can add ausing SafeERC20 for ERC20;statement to your contract,\n which allows you to call the safe operations astoken.safeTransfer(...), etc.\n /\nlibrary SafeERC20 {\n using SafeMath for uint256;\n using Address for address;\n\n function safeTransfer(IERC20 token, address to, uint256 value) internal {\n callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));\n }\n\n function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {\n callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));\n }\n\n function safeApprove(IERC20 token, address spender, uint256 value) internal {\n // safeApprove should only be called when setting an initial allowance,\n // or when resetting it to zero. To increase and decrease it, use\n // 'safeIncreaseAllowance' and 'safeDecreaseAllowance'\n // solhint-disable-next-line max-line-length\n require((value == 0) || (token.allowance(address(this), spender) == 0),\n \\"SafeERC20: approve from non-zero to non-zero allowance\\"\n );\n callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));\n }\n\n function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {\n uint256 newAllowance = token.allowance(address(this), spender).add(value);\n callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));\n }\n\n function safeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal {\n uint256 newAllowance = token.allowance(address(this), spender).sub(value, \\"SafeERC20: decreased allowance below zero\\");\n callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));\n }\n\n /\n @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement\n on the return value: the return value is optional (but if data is returned, it must not be false).\n @param token The token targeted by the call.\n @param data The call data (encoded using abi.encode or one of its variants).\n */\n function callOptionalReturn(IERC20 token, bytes memory data) private {\n // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since\n // we're implementing it ourselves.\n\n // A Solidity high level call has three parts:\n // 1. The target address is checked to verify it contains contract code\n // 2. The call itself is made, and success asserted\n // 3. The return value is decoded, which in turn checks the size of the returned data.\n // solhint-disable-next-line max-line-length\n require(address(token).isContract(), \\"SafeERC20: call to non-contract\\");\n\n // solhint-disable-next-line avoid-low-level-calls\n (bool success, bytes memory returndata) = address(token).call(data);\n require(success, \\"SafeERC20: low-level call failed\\");\n\n if (returndata.length > 0) { // Return data is optional\n // solhint-disable-next-line max-line-length\n require(abi.decode(returndata, (bool)), \\"SafeERC20: ERC20 operation did not succeed\\");\n }\n }\n}\n\"},\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/IERC20.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\n/\n @dev Interface of the ERC20 standard as defined in the EIP. Does not include\n the optional functions; to access them see {ERC20Detailed}.\n */\ninterface IERC20 {\n /\n @dev Returns the amount of tokens in existence.\n /\n function totalSupply() external view returns (uint256);\n\n /\n @dev Returns the amount of tokens owned byaccount.\n /\n function balanceOf(address account) external view returns (uint256);\n\n /\n @dev Movesamounttokens from the caller's account torecipient.\n \n Returns a boolean value indicating whether the operation succeeded.\n \n Emits a {Transfer} event.\n /\n function transfer(address recipient, uint256 amount) external returns (bool);\n\n /\n @dev Returns the remaining number of tokens thatspenderwill be\n allowed to spend on behalf ofownerthrough {transferFrom}. This is\n zero by default.\n \n This value changes when {approve} or {transferFrom} are called.\n /\n function allowance(address owner, address spender) external view returns (uint256);\n\n /*\n @dev Setsamountas the allowance ofspenderover the caller's tokens.\n \n Returns a boolean value indicating whether the operation succeeded.\n \n IMPORTANT: Beware that changing an allowance with this method brings the risk\n that someone may use both the old and the new allowance by unfortunate\n transaction ordering. One possible solution to mitigate this race\n condition is to first reduce the spender's allowance to 0 and set the\n desired value afterwards:\n https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729\\n \n Emits an {Approval} event.\n /\n function approve(address spender, uint256 amount) external returns (bool);\n\n /\n @dev Movesamounttokens fromsendertorecipientusing the\n allowance mechanism.amountis then deducted from the caller's\n allowance.\n \n Returns a boolean value indicating whether the operation succeeded.\n \n Emits a {Transfer} event.\n /\n function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);\n\n /\n @dev Emitted whenvaluetokens are moved from one account (from) to\n another (to).\n \n Note thatvaluemay be zero.\n */\n event Transfer(address indexed from, address indexed to, uint256 value);\n\n /*\n @dev Emitted when the allowance of aspenderfor anowneris set by\n a call to {approve}.valueis the new allowance.\n /\n event Approval(address indexed owner, address indexed spender, uint256 value);\n}\n\"},\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/ERC20Detailed.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\nimport \\"@openzeppelin/upgrades/contracts/Initializable.sol\\";\nimport \\"./IERC20.sol\\";\n\n/\n @dev Optional functions from the ERC20 standard.\n /\ncontract ERC20Detailed is Initializable, IERC20 {\n string private _name;\n string private _symbol;\n uint8 private _decimals;\n\n /\n @dev Sets the values forname,symbol, anddecimals. All three of\n these values are immutable: they can only be set once during\n construction.\n /\n function initialize(string memory name, string memory symbol, uint8 decimals) public initializer {\n _name = name;\n _symbol = symbol;\n _decimals = decimals;\n }\n\n /\n @dev Returns the name of the token.\n /\n function name() public view returns (string memory) {\n return _name;\n }\n\n /\n @dev Returns the symbol of the token, usually a shorter version of the\n name.\n */\n function symbol() public view returns (string memory) {\n return _symbol;\n }\n\n /*\n @dev Returns the number of decimals used to get its user representation.\n For example, ifdecimalsequals2, a balance of505tokens should\n be displayed to a user as5,05(`505 / 10 2`).\n \n Tokens usually opt for a value of 18, imitating the relationship between\n Ether and Wei.\n \n NOTE: This information is only used for display purposes: it in\n no way affects any of the arithmetic of the contract, including\n {IERC20-balanceOf} and {IERC20-transfer}.\n /\n function decimals() public view returns (uint8) {\n return _decimals;\n }\n\n uint256[50] private ____gap;\n}\n\"},\"@openzeppelin/contracts-ethereum-package/contracts/token/ERC20/ERC20.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\nimport \\"@openzeppelin/upgrades/contracts/Initializable.sol\\";\n\nimport \\"../../GSN/Context.sol\\";\nimport \\"./IERC20.sol\\";\nimport \\"../../math/SafeMath.sol\\";\n\n/\n @dev Implementation of the {IERC20} interface.\n \n This implementation is agnostic to the way tokens are created. This means\n that a supply mechanism has to be added in a derived contract using {_mint}.\n For a generic mechanism see {ERC20Mintable}.\n \n TIP: For a detailed writeup see our guide\n https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How\\n to implement supply mechanisms].\n \n We have followed general OpenZeppelin guidelines: functions revert instead\n of returningfalseon failure. This behavior is nonetheless conventional\n and does not conflict with the expectations of ERC20 applications.\n \n Additionally, an {Approval} event is emitted on calls to {transferFrom}.\n This allows applications to reconstruct the allowance for all accounts just\n by listening to said events. Other implementations of the EIP may not emit\n these events, as it isn't required by the specification.\n \n Finally, the non-standard {decreaseAllowance} and {increaseAllowance}\n functions have been added to mitigate the well-known issues around setting\n allowances. See {IERC20-approve}.\n */\ncontract ERC20 is Initializable, Context, IERC20 {\n using SafeMath for uint256;\n\n mapping (address => uint256) private _balances;\n\n mapping (address => mapping (address => uint256)) private _allowances;\n\n uint256 private _totalSupply;\n\n /\n @dev See {IERC20-totalSupply}.\n /\n function totalSupply() public view returns (uint256) {\n return _totalSupply;\n }\n\n /\n @dev See {IERC20-balanceOf}.\n /\n function balanceOf(address account) public view returns (uint256) {\n return _balances[account];\n }\n\n /*\n @dev See {IERC20-transfer}.\n \n Requirements:\n \n -recipientcannot be the zero address.\n - the caller must have a balance of at leastamount.\n /\n function transfer(address recipient, uint256 amount) public returns (bool) {\n _transfer(_msgSender(), recipient, amount);\n return true;\n }\n\n /\n @dev See {IERC20-allowance}.\n /\n function allowance(address owner, address spender) public view returns (uint256) {\n return _allowances[owner][spender];\n }\n\n /\n @dev See {IERC20-approve}.\n \n Requirements:\n \n -spendercannot be the zero address.\n /\n function approve(address spender, uint256 amount) public returns (bool) {\n _approve(_msgSender(), spender, amount);\n return true;\n }\n\n /\n @dev See {IERC20-transferFrom}.\n \n Emits an {Approval} event indicating the updated allowance. This is not\n required by the EIP. See the note at the beginning of {ERC20};\n \n Requirements:\n -senderandrecipientcannot be the zero address.\n -sendermust have a balance of at leastamount.\n - the caller must have allowance forsender's tokens of at least\namount.\n */\n function transferFrom(address sender, address recipient, uint256 amount) public returns (bool) {\n _transfer(sender, recipient, amount);\n _approve(sender, _msgSender(), _allowances[sender][_msgSender()].sub(amount, \\"ERC20: transfer amount exceeds allowance\\"));\n return true;\n }\n\n /\n @dev Atomically increases the allowance granted tospenderby the caller.\n \n This is an alternative to {approve} that can be used as a mitigation for\n problems described in {IERC20-approve}.\n \n Emits an {Approval} event indicating the updated allowance.\n \n Requirements:\n \n -spendercannot be the zero address.\n */\n function increaseAllowance(address spender, uint256 addedValue) public returns (bool) {\n _approve(_msgSender(), spender, _allowances[_msgSender()][spender].add(addedValue));\n return true;\n }\n\n /*\n @dev Atomically decreases the allowance granted tospenderby the caller.\n \n This is an alternative to {approve} that can be used as a mitigation for\n problems described in {IERC20-approve}.\n \n Emits an {Approval} event indicating the updated allowance.\n \n Requirements:\n \n -spendercannot be the zero address.\n -spendermust have allowance for the caller of at least\nsubtractedValue.\n /\n function decreaseAllowance(address spender, uint256 subtractedValue) public returns (bool) {\n _approve(_msgSender(), spender, _allowances[_msgSender()][spender].sub(subtractedValue, \\"ERC20: decreased allowance below zero\\"));\n return true;\n }\n\n /\n @dev Moves tokensamountfromsendertorecipient.\n \n This is internal function is equivalent to {transfer}, and can be used to\n e.g. implement automatic token fees, slashing mechanisms, etc.\n \n Emits a {Transfer} event.\n \n Requirements:\n \n -sendercannot be the zero address.\n -recipientcannot be the zero address.\n -sendermust have a balance of at leastamount.\n */\n function _transfer(address sender, address recipient, uint256 amount) internal {\n require(sender != address(0), \\"ERC20: transfer from the zero address\\");\n require(recipient != address(0), \\"ERC20: transfer to the zero address\\");\n\n _balances[sender] = _balances[sender].sub(amount, \\"ERC20: transfer amount exceeds balance\\");\n _balances[recipient] = _balances[recipient].add(amount);\n emit Transfer(sender, recipient, amount);\n }\n\n / @dev Createsamounttokens and assigns them toaccount, increasing\n the total supply.\n \n Emits a {Transfer} event withfromset to the zero address.\n \n Requirements\n \n -tocannot be the zero address.\n /\n function _mint(address account, uint256 amount) internal {\n require(account != address(0), \\"ERC20: mint to the zero address\\");\n\n _totalSupply = _totalSupply.add(amount);\n _balances[account] = _balances[account].add(amount);\n emit Transfer(address(0), account, amount);\n }\n\n /\n @dev Destroysamounttokens fromaccount, reducing the\n total supply.\n \n Emits a {Transfer} event withtoset to the zero address.\n \n Requirements\n \n -accountcannot be the zero address.\n -accountmust have at leastamounttokens.\n /\n function _burn(address account, uint256 amount) internal {\n require(account != address(0), \\"ERC20: burn from the zero address\\");\n\n _balances[account] = _balances[account].sub(amount, \\"ERC20: burn amount exceeds balance\\");\n _totalSupply = _totalSupply.sub(amount);\n emit Transfer(account, address(0), amount);\n }\n\n /\n @dev Setsamountas the allowance ofspenderover theowners tokens.\n \n This is internal function is equivalent toapprove, and can be used to\n e.g. set automatic allowances for certain subsystems, etc.\n \n Emits an {Approval} event.\n \n Requirements:\n \n -ownercannot be the zero address.\n -spendercannot be the zero address.\n /\n function _approve(address owner, address spender, uint256 amount) internal {\n require(owner != address(0), \\"ERC20: approve from the zero address\\");\n require(spender != address(0), \\"ERC20: approve to the zero address\\");\n\n _allowances[owner][spender] = amount;\n emit Approval(owner, spender, amount);\n }\n\n /\n @dev Destroysamounttokens fromaccount.amountis then deducted\n from the caller's allowance.\n \n See {_burn} and {_approve}.\n */\n function _burnFrom(address account, uint256 amount) internal {\n _burn(account, amount);\n _approve(account, _msgSender(), _allowances[account][_msgSender()].sub(amount, \\"ERC20: burn amount exceeds allowance\\"));\n }\n\n uint256[50] private __gap;\n}\n\"},\"@openzeppelin/contracts-ethereum-package/contracts/math/SafeMath.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\n/\n @dev Wrappers over Solidity's arithmetic operations with added overflow\n checks.\n \n Arithmetic operations in Solidity wrap on overflow. This can easily result\n in bugs, because programmers usually assume that an overflow raises an\n error, which is the standard behavior in high level programming languages.\nSafeMathrestores this intuition by reverting the transaction when an\n operation overflows.\n \n Using this library instead of the unchecked operations eliminates an entire\n class of bugs, so it's recommended to use it always.\n /\nlibrary SafeMath {\n /\n @dev Returns the addition of two unsigned integers, reverting on\n overflow.\n \n Counterpart to Solidity's+operator.\n \n Requirements:\n - Addition cannot overflow.\n /\n function add(uint256 a, uint256 b) internal pure returns (uint256) {\n uint256 c = a + b;\n require(c >= a, \\"SafeMath: addition overflow\\");\n\n return c;\n }\n\n /\n @dev Returns the subtraction of two unsigned integers, reverting on\n overflow (when the result is negative).\n \n Counterpart to Solidity's-operator.\n \n Requirements:\n - Subtraction cannot overflow.\n /\n function sub(uint256 a, uint256 b) internal pure returns (uint256) {\n return sub(a, b, \\"SafeMath: subtraction overflow\\");\n }\n\n /\n @dev Returns the subtraction of two unsigned integers, reverting with custom message on\n overflow (when the result is negative).\n \n Counterpart to Solidity's-operator.\n \n Requirements:\n - Subtraction cannot overflow.\n \n Available since v2.4.0.\n /\n function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {\n require(b <= a, errorMessage);\n uint256 c = a - b;\n\n return c;\n }\n\n /\n @dev Returns the multiplication of two unsigned integers, reverting on\n overflow.\n \n Counterpart to Solidity's*operator.\n \n Requirements:\n - Multiplication cannot overflow.\n /\n function mul(uint256 a, uint256 b) internal pure returns (uint256) {\n // Gas optimization: this is cheaper than requiring 'a' not being zero, but the\n // benefit is lost if 'b' is also tested.\n // See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522\\n if (a == 0) {\n return 0;\n }\n\n uint256 c = a * b;\n require(c / a == b, \\"SafeMath: multiplication overflow\\");\n\n return c;\n }\n\n /\n @dev Returns the integer division of two unsigned integers. Reverts on\n division by zero. The result is rounded towards zero.\n \n Counterpart to Solidity's/operator. Note: this function uses a\nrevertopcode (which leaves remaining gas untouched) while Solidity\n uses an invalid opcode to revert (consuming all remaining gas).\n \n Requirements:\n - The divisor cannot be zero.\n /\n function div(uint256 a, uint256 b) internal pure returns (uint256) {\n return div(a, b, \\"SafeMath: division by zero\\");\n }\n\n /*\n @dev Returns the integer division of two unsigned integers. Reverts with custom message on\n division by zero. The result is rounded towards zero.\n \n Counterpart to Solidity's/operator. Note: this function uses a\nrevertopcode (which leaves remaining gas untouched) while Solidity\n uses an invalid opcode to revert (consuming all remaining gas).\n \n Requirements:\n - The divisor cannot be zero.\n \n Available since v2.4.0.\n /\n function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {\n // Solidity only automatically asserts when dividing by 0\n require(b > 0, errorMessage);\n uint256 c = a / b;\n // assert(a == b c + a % b); // There is no case in which this doesn't hold\n\n return c;\n }\n\n /\n @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),\n Reverts when dividing by zero.\n \n Counterpart to Solidity's%operator. This function uses arevert\n opcode (which leaves remaining gas untouched) while Solidity uses an\n invalid opcode to revert (consuming all remaining gas).\n \n Requirements:\n - The divisor cannot be zero.\n /\n function mod(uint256 a, uint256 b) internal pure returns (uint256) {\n return mod(a, b, \\"SafeMath: modulo by zero\\");\n }\n\n /\n @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),\n Reverts with custom message when dividing by zero.\n \n Counterpart to Solidity's%operator. This function uses arevert\n opcode (which leaves remaining gas untouched) while Solidity uses an\n invalid opcode to revert (consuming all remaining gas).\n \n Requirements:\n - The divisor cannot be zero.\n \n Available since v2.4.0.\n /\n function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {\n require(b != 0, errorMessage);\n return a % b;\n }\n}\n\"},\"@openzeppelin/contracts-ethereum-package/contracts/GSN/Context.sol\":{\"content\":\"pragma solidity ^0.5.0;\n\nimport \\"@openzeppelin/upgrades/contracts/Initializable.sol\\";\n\n/\n @dev Provides information about the current execution context, including the\n sender of the transaction and its data. While these are generally available\n via msg.sender and msg.data, they should not be accessed in such a direct\n manner, since when dealing with GSN meta-transactions the account sending and\n paying for execution may not be the actual sender (as far as an application\n is concerned).\n \n This contract is only required for intermediate, library-like contracts.\n /\ncontract Context is Initializable {\n // Empty internal constructor, to prevent people from mistakenly deploying\n // an instance of this contract, which should be used via inheritance.\n constructor () internal { }\n // solhint-disable-previous-line no-empty-blocks\n\n function _msgSender() internal view returns (address payable) {\n return msg.sender;\n }\n\n function _msgData() internal view returns (bytes memory) {\n this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691\\n return msg.data;\n }\n}\n\"}},\"settings\":{\"remappings\":[],\"optimizer\":{\"enabled\":true,\"runs\":200},\"evmVersion\":\"istanbul\",\"libraries\":{}}}", "codeformat": "solidity-standard-json-input", "contractname": "/contracts/DecentralizedAutonomousTrust.sol:DecentralizedAutonomousTrust", "compilerversion": "v0.5.17+commit.d19bba13", "constructorArguements": "" } Checking status of verification request ny2t6szgxxtmydmyam3bbsqgewy1qs62ulsfejg1n4nczuvagn Fail - Unable to verify Failed to verify 1 contract(s): DecentralizedAutonomousTrust@0xfa1B723C90927650b142a2c4a12644321C168d03