| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146 | // SPDX-License-Identifier: MIT// OpenZeppelin Contracts (last updated v5.3.0) (proxy/utils/UUPSUpgradeable.sol)pragma solidity ^0.8.22;import {IERC1822Proxiable} from "../../interfaces/draft-IERC1822.sol";import {ERC1967Utils} from "../ERC1967/ERC1967Utils.sol";/** * @dev An upgradeability mechanism designed for UUPS proxies. The functions included here can perform an upgrade of an * {ERC1967Proxy}, when this contract is set as the implementation behind such a proxy. * * A security mechanism ensures that an upgrade does not turn off upgradeability accidentally, although this risk is * reinstated if the upgrade retains upgradeability but removes the security mechanism, e.g. by replacing * `UUPSUpgradeable` with a custom implementation of upgrades. * * The {_authorizeUpgrade} function must be overridden to include access restriction to the upgrade mechanism. */abstract contract UUPSUpgradeable is IERC1822Proxiable {    /// @custom:oz-upgrades-unsafe-allow state-variable-immutable    address private immutable __self = address(this);    /**     * @dev The version of the upgrade interface of the contract. If this getter is missing, both `upgradeTo(address)`     * and `upgradeToAndCall(address,bytes)` are present, and `upgradeTo` must be used if no function should be called,     * while `upgradeToAndCall` will invoke the `receive` function if the second argument is the empty byte string.     * If the getter returns `"5.0.0"`, only `upgradeToAndCall(address,bytes)` is present, and the second argument must     * be the empty byte string if no function should be called, making it impossible to invoke the `receive` function     * during an upgrade.     */    string public constant UPGRADE_INTERFACE_VERSION = "5.0.0";    /**     * @dev The call is from an unauthorized context.     */    error UUPSUnauthorizedCallContext();    /**     * @dev The storage `slot` is unsupported as a UUID.     */    error UUPSUnsupportedProxiableUUID(bytes32 slot);    /**     * @dev Check that the execution is being performed through a delegatecall call and that the execution context is     * a proxy contract with an implementation (as defined in ERC-1967) pointing to self. This should only be the case     * for UUPS and transparent proxies that are using the current contract as their implementation. Execution of a     * function through ERC-1167 minimal proxies (clones) would not normally pass this test, but is not guaranteed to     * fail.     */    modifier onlyProxy() {        _checkProxy();        _;    }    /**     * @dev Check that the execution is not being performed through a delegate call. This allows a function to be     * callable on the implementing contract but not through proxies.     */    modifier notDelegated() {        _checkNotDelegated();        _;    }    /**     * @dev Implementation of the ERC-1822 {proxiableUUID} function. This returns the storage slot used by the     * implementation. It is used to validate the implementation's compatibility when performing an upgrade.     *     * IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks     * bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this     * function revert if invoked through a proxy. This is guaranteed by the `notDelegated` modifier.     */    function proxiableUUID() external view virtual notDelegated returns (bytes32) {        return ERC1967Utils.IMPLEMENTATION_SLOT;    }    /**     * @dev Upgrade the implementation of the proxy to `newImplementation`, and subsequently execute the function call     * encoded in `data`.     *     * Calls {_authorizeUpgrade}.     *     * Emits an {Upgraded} event.     *     * @custom:oz-upgrades-unsafe-allow-reachable delegatecall     */    function upgradeToAndCall(address newImplementation, bytes memory data) public payable virtual onlyProxy {        _authorizeUpgrade(newImplementation);        _upgradeToAndCallUUPS(newImplementation, data);    }    /**     * @dev Reverts if the execution is not performed via delegatecall or the execution     * context is not of a proxy with an ERC-1967 compliant implementation pointing to self.     */    function _checkProxy() internal view virtual {        if (            address(this) == __self || // Must be called through delegatecall            ERC1967Utils.getImplementation() != __self // Must be called through an active proxy        ) {            revert UUPSUnauthorizedCallContext();        }    }    /**     * @dev Reverts if the execution is performed via delegatecall.     * See {notDelegated}.     */    function _checkNotDelegated() internal view virtual {        if (address(this) != __self) {            // Must not be called through delegatecall            revert UUPSUnauthorizedCallContext();        }    }    /**     * @dev Function that should revert when `msg.sender` is not authorized to upgrade the contract. Called by     * {upgradeToAndCall}.     *     * Normally, this function will use an xref:access.adoc[access control] modifier such as {Ownable-onlyOwner}.     *     * ```solidity     * function _authorizeUpgrade(address) internal onlyOwner {}     * ```     */    function _authorizeUpgrade(address newImplementation) internal virtual;    /**     * @dev Performs an implementation upgrade with a security check for UUPS proxies, and additional setup call.     *     * As a security check, {proxiableUUID} is invoked in the new implementation, and the return value     * is expected to be the implementation slot in ERC-1967.     *     * Emits an {IERC1967-Upgraded} event.     */    function _upgradeToAndCallUUPS(address newImplementation, bytes memory data) private {        try IERC1822Proxiable(newImplementation).proxiableUUID() returns (bytes32 slot) {            if (slot != ERC1967Utils.IMPLEMENTATION_SLOT) {                revert UUPSUnsupportedProxiableUUID(slot);            }            ERC1967Utils.upgradeToAndCall(newImplementation, data);        } catch {            // The implementation is not UUPS            revert ERC1967Utils.ERC1967InvalidImplementation(newImplementation);        }    }}
 |