You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
456 lines
16 KiB
456 lines
16 KiB
// SPDX-License-Identifier: MIT
|
|
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC721/ERC721.sol)
|
|
|
|
pragma solidity ^0.8.20;
|
|
|
|
import {IERC721} from "./IERC721.sol";
|
|
import {IERC721Metadata} from "./extensions/IERC721Metadata.sol";
|
|
import {ERC721Utils} from "./utils/ERC721Utils.sol";
|
|
import {Context} from "../../utils/Context.sol";
|
|
import {Strings} from "../../utils/Strings.sol";
|
|
import {IERC165, ERC165} from "../../utils/introspection/ERC165.sol";
|
|
import {IERC721Errors} from "../../interfaces/draft-IERC6093.sol";
|
|
|
|
/**
|
|
* @dev Implementation of https://eips.ethereum.org/EIPS/eip-721[ERC-721] Non-Fungible Token Standard, including
|
|
* the Metadata extension, but not including the Enumerable extension, which is available separately as
|
|
* {ERC721Enumerable}.
|
|
*/
|
|
abstract contract ERC721 is Context, ERC165, IERC721, IERC721Metadata, IERC721Errors {
|
|
using Strings for uint256;
|
|
|
|
// Token name
|
|
string private _name;
|
|
|
|
// Token symbol
|
|
string private _symbol;
|
|
|
|
mapping(uint256 tokenId => address) private _owners;
|
|
|
|
mapping(address owner => uint256) private _balances;
|
|
|
|
mapping(uint256 tokenId => address) private _tokenApprovals;
|
|
|
|
mapping(address owner => mapping(address operator => bool)) private _operatorApprovals;
|
|
|
|
/**
|
|
* @dev Initializes the contract by setting a `name` and a `symbol` to the token collection.
|
|
*/
|
|
constructor(string memory name_, string memory symbol_) {
|
|
_name = name_;
|
|
_symbol = symbol_;
|
|
}
|
|
|
|
/**
|
|
* @dev See {IERC165-supportsInterface}.
|
|
*/
|
|
function supportsInterface(bytes4 interfaceId) public view virtual override(ERC165, IERC165) returns (bool) {
|
|
return
|
|
interfaceId == type(IERC721).interfaceId ||
|
|
interfaceId == type(IERC721Metadata).interfaceId ||
|
|
super.supportsInterface(interfaceId);
|
|
}
|
|
|
|
/**
|
|
* @dev See {IERC721-balanceOf}.
|
|
*/
|
|
function balanceOf(address owner) public view virtual returns (uint256) {
|
|
if (owner == address(0)) {
|
|
revert ERC721InvalidOwner(address(0));
|
|
}
|
|
return _balances[owner];
|
|
}
|
|
|
|
/**
|
|
* @dev See {IERC721-ownerOf}.
|
|
*/
|
|
function ownerOf(uint256 tokenId) public view virtual returns (address) {
|
|
return _requireOwned(tokenId);
|
|
}
|
|
|
|
/**
|
|
* @dev See {IERC721Metadata-name}.
|
|
*/
|
|
function name() public view virtual returns (string memory) {
|
|
return _name;
|
|
}
|
|
|
|
/**
|
|
* @dev See {IERC721Metadata-symbol}.
|
|
*/
|
|
function symbol() public view virtual returns (string memory) {
|
|
return _symbol;
|
|
}
|
|
|
|
/**
|
|
* @dev See {IERC721Metadata-tokenURI}.
|
|
*/
|
|
function tokenURI(uint256 tokenId) public view virtual returns (string memory) {
|
|
_requireOwned(tokenId);
|
|
|
|
string memory baseURI = _baseURI();
|
|
return bytes(baseURI).length > 0 ? string.concat(baseURI, tokenId.toString()) : "";
|
|
}
|
|
|
|
/**
|
|
* @dev Base URI for computing {tokenURI}. If set, the resulting URI for each
|
|
* token will be the concatenation of the `baseURI` and the `tokenId`. Empty
|
|
* by default, can be overridden in child contracts.
|
|
*/
|
|
function _baseURI() internal view virtual returns (string memory) {
|
|
return "";
|
|
}
|
|
|
|
/**
|
|
* @dev See {IERC721-approve}.
|
|
*/
|
|
function approve(address to, uint256 tokenId) public virtual {
|
|
_approve(to, tokenId, _msgSender());
|
|
}
|
|
|
|
/**
|
|
* @dev See {IERC721-getApproved}.
|
|
*/
|
|
function getApproved(uint256 tokenId) public view virtual returns (address) {
|
|
_requireOwned(tokenId);
|
|
|
|
return _getApproved(tokenId);
|
|
}
|
|
|
|
/**
|
|
* @dev See {IERC721-setApprovalForAll}.
|
|
*/
|
|
function setApprovalForAll(address operator, bool approved) public virtual {
|
|
_setApprovalForAll(_msgSender(), operator, approved);
|
|
}
|
|
|
|
/**
|
|
* @dev See {IERC721-isApprovedForAll}.
|
|
*/
|
|
function isApprovedForAll(address owner, address operator) public view virtual returns (bool) {
|
|
return _operatorApprovals[owner][operator];
|
|
}
|
|
|
|
/**
|
|
* @dev See {IERC721-transferFrom}.
|
|
*/
|
|
function transferFrom(address from, address to, uint256 tokenId) public virtual {
|
|
if (to == address(0)) {
|
|
revert ERC721InvalidReceiver(address(0));
|
|
}
|
|
// Setting an "auth" arguments enables the `_isAuthorized` check which verifies that the token exists
|
|
// (from != 0). Therefore, it is not needed to verify that the return value is not 0 here.
|
|
address previousOwner = _update(to, tokenId, _msgSender());
|
|
if (previousOwner != from) {
|
|
revert ERC721IncorrectOwner(from, tokenId, previousOwner);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @dev See {IERC721-safeTransferFrom}.
|
|
*/
|
|
function safeTransferFrom(address from, address to, uint256 tokenId) public {
|
|
safeTransferFrom(from, to, tokenId, "");
|
|
}
|
|
|
|
/**
|
|
* @dev See {IERC721-safeTransferFrom}.
|
|
*/
|
|
function safeTransferFrom(address from, address to, uint256 tokenId, bytes memory data) public virtual {
|
|
transferFrom(from, to, tokenId);
|
|
ERC721Utils.checkOnERC721Received(_msgSender(), from, to, tokenId, data);
|
|
}
|
|
|
|
/**
|
|
* @dev Returns the owner of the `tokenId`. Does NOT revert if token doesn't exist
|
|
*
|
|
* IMPORTANT: Any overrides to this function that add ownership of tokens not tracked by the
|
|
* core ERC-721 logic MUST be matched with the use of {_increaseBalance} to keep balances
|
|
* consistent with ownership. The invariant to preserve is that for any address `a` the value returned by
|
|
* `balanceOf(a)` must be equal to the number of tokens such that `_ownerOf(tokenId)` is `a`.
|
|
*/
|
|
function _ownerOf(uint256 tokenId) internal view virtual returns (address) {
|
|
return _owners[tokenId];
|
|
}
|
|
|
|
/**
|
|
* @dev Returns the approved address for `tokenId`. Returns 0 if `tokenId` is not minted.
|
|
*/
|
|
function _getApproved(uint256 tokenId) internal view virtual returns (address) {
|
|
return _tokenApprovals[tokenId];
|
|
}
|
|
|
|
/**
|
|
* @dev Returns whether `spender` is allowed to manage `owner`'s tokens, or `tokenId` in
|
|
* particular (ignoring whether it is owned by `owner`).
|
|
*
|
|
* WARNING: This function assumes that `owner` is the actual owner of `tokenId` and does not verify this
|
|
* assumption.
|
|
*/
|
|
function _isAuthorized(address owner, address spender, uint256 tokenId) internal view virtual returns (bool) {
|
|
return
|
|
spender != address(0) &&
|
|
(owner == spender || isApprovedForAll(owner, spender) || _getApproved(tokenId) == spender);
|
|
}
|
|
|
|
/**
|
|
* @dev Checks if `spender` can operate on `tokenId`, assuming the provided `owner` is the actual owner.
|
|
* Reverts if:
|
|
* - `spender` does not have approval from `owner` for `tokenId`.
|
|
* - `spender` does not have approval to manage all of `owner`'s assets.
|
|
*
|
|
* WARNING: This function assumes that `owner` is the actual owner of `tokenId` and does not verify this
|
|
* assumption.
|
|
*/
|
|
function _checkAuthorized(address owner, address spender, uint256 tokenId) internal view virtual {
|
|
if (!_isAuthorized(owner, spender, tokenId)) {
|
|
if (owner == address(0)) {
|
|
revert ERC721NonexistentToken(tokenId);
|
|
} else {
|
|
revert ERC721InsufficientApproval(spender, tokenId);
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @dev Unsafe write access to the balances, used by extensions that "mint" tokens using an {ownerOf} override.
|
|
*
|
|
* NOTE: the value is limited to type(uint128).max. This protect against _balance overflow. It is unrealistic that
|
|
* a uint256 would ever overflow from increments when these increments are bounded to uint128 values.
|
|
*
|
|
* WARNING: Increasing an account's balance using this function tends to be paired with an override of the
|
|
* {_ownerOf} function to resolve the ownership of the corresponding tokens so that balances and ownership
|
|
* remain consistent with one another.
|
|
*/
|
|
function _increaseBalance(address account, uint128 value) internal virtual {
|
|
unchecked {
|
|
_balances[account] += value;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @dev Transfers `tokenId` from its current owner to `to`, or alternatively mints (or burns) if the current owner
|
|
* (or `to`) is the zero address. Returns the owner of the `tokenId` before the update.
|
|
*
|
|
* The `auth` argument is optional. If the value passed is non 0, then this function will check that
|
|
* `auth` is either the owner of the token, or approved to operate on the token (by the owner).
|
|
*
|
|
* Emits a {Transfer} event.
|
|
*
|
|
* NOTE: If overriding this function in a way that tracks balances, see also {_increaseBalance}.
|
|
*/
|
|
function _update(address to, uint256 tokenId, address auth) internal virtual returns (address) {
|
|
address from = _ownerOf(tokenId);
|
|
|
|
// Perform (optional) operator check
|
|
if (auth != address(0)) {
|
|
_checkAuthorized(from, auth, tokenId);
|
|
}
|
|
|
|
// Execute the update
|
|
if (from != address(0)) {
|
|
// Clear approval. No need to re-authorize or emit the Approval event
|
|
_approve(address(0), tokenId, address(0), false);
|
|
|
|
unchecked {
|
|
_balances[from] -= 1;
|
|
}
|
|
}
|
|
|
|
if (to != address(0)) {
|
|
unchecked {
|
|
_balances[to] += 1;
|
|
}
|
|
}
|
|
|
|
_owners[tokenId] = to;
|
|
|
|
emit Transfer(from, to, tokenId);
|
|
|
|
return from;
|
|
}
|
|
|
|
/**
|
|
* @dev Mints `tokenId` and transfers it to `to`.
|
|
*
|
|
* WARNING: Usage of this method is discouraged, use {_safeMint} whenever possible
|
|
*
|
|
* Requirements:
|
|
*
|
|
* - `tokenId` must not exist.
|
|
* - `to` cannot be the zero address.
|
|
*
|
|
* Emits a {Transfer} event.
|
|
*/
|
|
function _mint(address to, uint256 tokenId) internal {
|
|
if (to == address(0)) {
|
|
revert ERC721InvalidReceiver(address(0));
|
|
}
|
|
address previousOwner = _update(to, tokenId, address(0));
|
|
if (previousOwner != address(0)) {
|
|
revert ERC721InvalidSender(address(0));
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @dev Mints `tokenId`, transfers it to `to` and checks for `to` acceptance.
|
|
*
|
|
* Requirements:
|
|
*
|
|
* - `tokenId` must not exist.
|
|
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer.
|
|
*
|
|
* Emits a {Transfer} event.
|
|
*/
|
|
function _safeMint(address to, uint256 tokenId) internal {
|
|
_safeMint(to, tokenId, "");
|
|
}
|
|
|
|
/**
|
|
* @dev Same as {xref-ERC721-_safeMint-address-uint256-}[`_safeMint`], with an additional `data` parameter which is
|
|
* forwarded in {IERC721Receiver-onERC721Received} to contract recipients.
|
|
*/
|
|
function _safeMint(address to, uint256 tokenId, bytes memory data) internal virtual {
|
|
_mint(to, tokenId);
|
|
ERC721Utils.checkOnERC721Received(_msgSender(), address(0), to, tokenId, data);
|
|
}
|
|
|
|
/**
|
|
* @dev Destroys `tokenId`.
|
|
* The approval is cleared when the token is burned.
|
|
* This is an internal function that does not check if the sender is authorized to operate on the token.
|
|
*
|
|
* Requirements:
|
|
*
|
|
* - `tokenId` must exist.
|
|
*
|
|
* Emits a {Transfer} event.
|
|
*/
|
|
function _burn(uint256 tokenId) internal {
|
|
address previousOwner = _update(address(0), tokenId, address(0));
|
|
if (previousOwner == address(0)) {
|
|
revert ERC721NonexistentToken(tokenId);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @dev Transfers `tokenId` from `from` to `to`.
|
|
* As opposed to {transferFrom}, this imposes no restrictions on msg.sender.
|
|
*
|
|
* Requirements:
|
|
*
|
|
* - `to` cannot be the zero address.
|
|
* - `tokenId` token must be owned by `from`.
|
|
*
|
|
* Emits a {Transfer} event.
|
|
*/
|
|
function _transfer(address from, address to, uint256 tokenId) internal {
|
|
if (to == address(0)) {
|
|
revert ERC721InvalidReceiver(address(0));
|
|
}
|
|
address previousOwner = _update(to, tokenId, address(0));
|
|
if (previousOwner == address(0)) {
|
|
revert ERC721NonexistentToken(tokenId);
|
|
} else if (previousOwner != from) {
|
|
revert ERC721IncorrectOwner(from, tokenId, previousOwner);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @dev Safely transfers `tokenId` token from `from` to `to`, checking that contract recipients
|
|
* are aware of the ERC-721 standard to prevent tokens from being forever locked.
|
|
*
|
|
* `data` is additional data, it has no specified format and it is sent in call to `to`.
|
|
*
|
|
* This internal function is like {safeTransferFrom} in the sense that it invokes
|
|
* {IERC721Receiver-onERC721Received} on the receiver, and can be used to e.g.
|
|
* implement alternative mechanisms to perform token transfer, such as signature-based.
|
|
*
|
|
* Requirements:
|
|
*
|
|
* - `tokenId` token must exist and be owned by `from`.
|
|
* - `to` cannot be the zero address.
|
|
* - `from` cannot be the zero address.
|
|
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer.
|
|
*
|
|
* Emits a {Transfer} event.
|
|
*/
|
|
function _safeTransfer(address from, address to, uint256 tokenId) internal {
|
|
_safeTransfer(from, to, tokenId, "");
|
|
}
|
|
|
|
/**
|
|
* @dev Same as {xref-ERC721-_safeTransfer-address-address-uint256-}[`_safeTransfer`], with an additional `data` parameter which is
|
|
* forwarded in {IERC721Receiver-onERC721Received} to contract recipients.
|
|
*/
|
|
function _safeTransfer(address from, address to, uint256 tokenId, bytes memory data) internal virtual {
|
|
_transfer(from, to, tokenId);
|
|
ERC721Utils.checkOnERC721Received(_msgSender(), from, to, tokenId, data);
|
|
}
|
|
|
|
/**
|
|
* @dev Approve `to` to operate on `tokenId`
|
|
*
|
|
* The `auth` argument is optional. If the value passed is non 0, then this function will check that `auth` is
|
|
* either the owner of the token, or approved to operate on all tokens held by this owner.
|
|
*
|
|
* Emits an {Approval} event.
|
|
*
|
|
* Overrides to this logic should be done to the variant with an additional `bool emitEvent` argument.
|
|
*/
|
|
function _approve(address to, uint256 tokenId, address auth) internal {
|
|
_approve(to, tokenId, auth, true);
|
|
}
|
|
|
|
/**
|
|
* @dev Variant of `_approve` with an optional flag to enable or disable the {Approval} event. The event is not
|
|
* emitted in the context of transfers.
|
|
*/
|
|
function _approve(address to, uint256 tokenId, address auth, bool emitEvent) internal virtual {
|
|
// Avoid reading the owner unless necessary
|
|
if (emitEvent || auth != address(0)) {
|
|
address owner = _requireOwned(tokenId);
|
|
|
|
// We do not use _isAuthorized because single-token approvals should not be able to call approve
|
|
if (auth != address(0) && owner != auth && !isApprovedForAll(owner, auth)) {
|
|
revert ERC721InvalidApprover(auth);
|
|
}
|
|
|
|
if (emitEvent) {
|
|
emit Approval(owner, to, tokenId);
|
|
}
|
|
}
|
|
|
|
_tokenApprovals[tokenId] = to;
|
|
}
|
|
|
|
/**
|
|
* @dev Approve `operator` to operate on all of `owner` tokens
|
|
*
|
|
* Requirements:
|
|
* - operator can't be the address zero.
|
|
*
|
|
* Emits an {ApprovalForAll} event.
|
|
*/
|
|
function _setApprovalForAll(address owner, address operator, bool approved) internal virtual {
|
|
if (operator == address(0)) {
|
|
revert ERC721InvalidOperator(operator);
|
|
}
|
|
_operatorApprovals[owner][operator] = approved;
|
|
emit ApprovalForAll(owner, operator, approved);
|
|
}
|
|
|
|
/**
|
|
* @dev Reverts if the `tokenId` doesn't have a current owner (it hasn't been minted, or it has been burned).
|
|
* Returns the owner.
|
|
*
|
|
* Overrides to ownership logic should be done to {_ownerOf}.
|
|
*/
|
|
function _requireOwned(uint256 tokenId) internal view returns (address) {
|
|
address owner = _ownerOf(tokenId);
|
|
if (owner == address(0)) {
|
|
revert ERC721NonexistentToken(tokenId);
|
|
}
|
|
return owner;
|
|
}
|
|
}
|
|
|