UniSwap源码主要包括核心合约(uinswap-v2-core),周边合约(uniswap-v2-periphery)两部分。
其中核心合约它为Uniswap上所有交易对提供基础的安全保证,包括3个合约:
工厂合约(UniswapV2Factory.sol)
配对合约(UniswapV2Pair.sol)
ERC20合约(UniswapV2ERC20.sol)
周边合约用来和核心合约交互,方便用户和前端使用,但并不是核心合约的一部分,包括一些示例代码,例如价格预言机、闪电交换等。其中比较中重要的是路由合约,还有其他一些Library库合约。Uniswap V2中的库提供了大量便利工具。
核心合约
1,工厂合约(UniswapV2Factory.sol)
作用:负责布署配对合约
pragma solidity =0.5.16;
import './interfaces/IUniswapV2Factory.sol';
import './UniswapV2Pair.sol';
contract UniswapV2Factory is IUniswapV2Factory {
//变量定义为public属性,编译后会默认构建一个同名public函数,用来获取该值
address public feeTo;//设置3%手续费中的1/6分给开发团队,默认为空不分配
address public feeToSetter;//设置手续费的人,相当于owner
mapping(address => mapping(address => address)) public getPair;//三个address,前两个分别为交易对中两种ERC20代币合约的地址,最后一个是交易对合约本身的地址
address[] public allPairs;//所有交易对
event PairCreated(address indexed token0, address indexed token1, address pair, uint);
//构造函数,收税开关权限控制
constructor(address _feeToSetter) public {
feeToSetter = _feeToSetter;
}
//获取所有交易对的数量
function allPairsLength() external view returns (uint) {
return allPairs.length;
}
/**
* 创建配对
* @param tokenA TokenA 地址
* @param tokenB TokenB 地址
* @return pair 配对地址
*/
function createPair(address tokenA, address tokenB) external returns (address pair) {
//检查两个合约地址
require(tokenA != tokenB, 'UniswapV2: IDENTICAL_ADDRESSES');
//tokenA和tokenB的地址从小到大排列
(address token0, address token1) = tokenA < tokenB ? (tokenA, tokenB) : (tokenB, tokenA);
//排列后,小的那个也要大于0
require(token0 != address(0), 'UniswapV2: ZERO_ADDRESS');
//检查在getPair中是否已经存在
require(getPair[token0][token1] == address(0), 'UniswapV2: PAIR_EXISTS');
//获取模板合约UniswapV2Pair的creationCode即字节码
bytes memory bytecode = type(UniswapV2Pair).creationCode;
//生成一个随机,但是却固定的数字作为作为种子生产salt
bytes32 salt = keccak256(abi.encodePacked(token0, token1));
/**
create2(v, n, p, s) 用 mem[p...(p + s)) 中的代码,在地址
keccak256(<address>.n.keccak256(mem[p...(p + s)))
上创建新合约、发送 v wei并返回新地址
mem[a...b) 表示从位置 a 开始至(不包括)位置 b 的内存字节数
add(x, y)表示x + y
mload(p)表示mem[p...(p + 32))
*/
//综上所述,create2方法就是使用bytecode创建了一个地址已经提前计算好的新合约,并且不用支付手续费,合约地址是pair
assembly {
pair := create2(0, add(bytecode, 32), mload(bytecode), salt)
}
//调用pair地址合约中的initialize方法,传入变量token0和token1
IUniswapV2Pair(pair).initialize(token0, token1);
//在本合约中记录下刚刚创建的合约地址
getPair[token0][token1] = pair;
getPair[token1][token0] = pair;
//allPairs中也记录一份
allPairs.push(pair);
//触发事件
emit PairCreated(token0, token1, pair, allPairs.length);
}
//用于设置收手续费地址(只有feeToSetter才可以设置)
function setFeeTo(address _feeTo) external {
require(msg.sender == feeToSetter, 'UniswapV2: FORBIDDEN');
feeTo = _feeTo;
}
//更改owner
function setFeeToSetter(address _feeToSetter) external {
require(msg.sender == feeToSetter, 'UniswapV2: FORBIDDEN');
feeToSetter = _feeToSetter;
}
}
2,配对合约(UniswapV2Pair.sol)
pragma solidity >=0.5.16;
import './interfaces/IUniswapV2Pair.sol';
import './UniswapV2ERC20.sol';
import './libraries/Math.sol';
import './libraries/UQ112x112.sol';
import './interfaces/IERC20.sol';
import './interfaces/IUniswapV2Factory.sol';
import './interfaces/IUniswapV2Callee.sol';
/// 配对合约
contract UniswapV2Pair is IUniswapV2Pair, UniswapV2ERC20 {
using SafeMath for uint;
using UQ112x112 for uint224;
// 最小流动性 1000
/*
Uniswap白皮书中解释:
公式可确保流动性池份额的价值永远不会低于该池中储备的几何平均值。但是,流动资金池份
额的价值有可能随着时间的推移增长,这可以通过累积交易费用或通过向流动资金池的“捐赠”来实
现。从理论上讲,这可能导致最小数量的流动性池份额(1e-18池份额)的价值过高,以至于小型流动
性提供者无法提供任何流动性。
为了缓解这种情况,Uniswap v2会刻录创建的第一个1e-15(0.000000000000001)池份额(池份额
最小数量的1000倍),然后将它们发送到零地址,而不是发送到铸造者。对于几乎所有令牌对来说,
这应该是微不足道的成本。但是,这大大增加了上述攻击的成本。为了将流动资金池份额的价值提
到100美元,攻击者需要向该池捐赠100,000美元,该资金将永久锁定为流动资金。
*/
uint public constant MINIMUM_LIQUIDITY = 10**3;
// transfer ERC20接口合约中最基础的发送方法
bytes4 private constant SELECTOR =
// 取hash过后的前4位十六进制,共8个字符,表示调用方法的方法名
// transfer(address,uint256) 表示接口方法中的方法名和参数类型
bytes4(keccak256(bytes('transfer(address,uint256)')));
address public factory; // 工厂合约地址
address public token0; // tA
address public token1; // tB
// uses single storage slot, accessible via getReserves(使用单个存储插槽,可通过getReserves访问),是private的
uint112 private reserve0; // 储备量0
uint112 private reserve1; // 储备量1
uint32 private blockTimestampLast; // 时间戳
uint public price0CumulativeLast; //价格0,最后累计值。在周边合约的预言机中有使用到
uint public price1CumulativeLast; //价格1,最后累计值。(https://github.com/Uniswap/uniswap-v2-periphery/blob/master/contracts/examples/ExampleOracleSimple.sol)
// 储备金0 * 储备金1,截至最近一次流动性事件后
// 在最近一次流动性事件之后的k值
uint public kLast; // reserve0 * reserve1, as of immediately after the most recent liquidity event
// 修饰符:防止重入的开关
uint private unlocked = 1;
modifier lock() {
require(unlocked == 1, 'UniswapV2: LOCKED');
unlocked = 0;
_;
unlocked = 1;
}
// 获取储备量
function getReserves() public view returns (uint112 _reserve0, uint112 _reserve1, uint32 _blockTimestampLast) {
_reserve0 = reserve0; // 储备量0
_reserve1 = reserve1; // 储备量1
_blockTimestampLast = blockTimestampLast; // 时间戳
}
// private的安全的发送函数
function _safeTransfer(address token, address to, uint value) private {
// 在一个合约调用另一个合约中,可以通过接口合约调用
// 没有接口合约的情况下,可以使用底层的call方法,
(bool success, bytes memory data) = token.call(abi.encodeWithSelector(SELECTOR, to, value));
// 校验上面方法调用的结果
// bool 为true && (data的长度为0 || abi反解码之后的bool = true)
require(success && (data.length == 0 || abi.decode(data, (bool))), 'UniswapV2: TRANSFER_FAILED');
}
// 铸造事件
event Mint(address indexed sender, uint amount0, uint amount1);
// 销毁事件
event Burn(address indexed sender, uint amount0, uint amount1, address indexed to);
// 交换事件
event Swap(
address indexed sender,
uint amount0In,
uint amount1In,
uint amount0Out,
uint amount1Out,
address indexed to
);
// 同步事件
event Sync(uint112 reserve0, uint112 reserve1);
// 初始化构造方法,给工厂合约部署者赋值
constructor() public {
factory = msg.sender;
}
// 初始化部署合约,由工厂合约来完成
function initialize(address _token0, address _token1) external {
require(msg.sender == factory, 'UniswapV2: FORBIDDEN'); // sufficient check
token0 = _token0;
token1 = _token1;
}
// update reserves and, on the first call per block, price accumulators
// 更新储备量,并在每个区块首次调用时,累积价格
function _update(
uint balance0, // 余额0
uint balance1, // 余额1
uint112 _reserve0, // 储备0
uint112 _reserve1 // 储备1
) private {
// 校验余额0和余额1小等于uint112的最大数值,防止溢出
require(balance0 <= uint112(-1) && balance1 <= uint112(-1), 'UniswapV2: OVERFLOW');
// block.timestamp 区块时间戳
// block.timestamp % 2**32 将timestamp % uint32的最大值,得到uint32类型的timestamp
uint32 blockTimestamp = uint32(block.timestamp % 2**32);
// 计算时间流逝。当前时间戳 - 最近一次流动性事件的时间戳
// (目的是为了校验更改的区块是过去时间已存在的)
uint32 timeElapsed = blockTimestamp - blockTimestampLast; // overflow is desired
// 满足条件 ( 间隔时间 > 0 && 储备量0,1 != 0 )
if (timeElapsed > 0 && _reserve0 != 0 && _reserve1 != 0) {
// 最后累计的价格0 = UQ112(储备量1 / 储备量0) * 时间流逝
// 最后累计的价格1 = UQ112(储备量0 / 储备量1) * 时间流逝
// 计算得到的值在用于价格预言机中使用
price0CumulativeLast += uint(UQ112x112.encode(_reserve1).uqdiv(_reserve0)) * timeElapsed;
price1CumulativeLast += uint(UQ112x112.encode(_reserve0).uqdiv(_reserve1)) * timeElapsed;
}
// 将余额0和余额1分别赋值给储备量0和储备量1
reserve0 = uint112(balance0);
reserve1 = uint112(balance1);
// 更新时间戳
blockTimestampLast = blockTimestamp;
// 触发同步事件
emit Sync(reserve0, reserve1);
}
// 如果收取费用,铸造流动性相当于1/6的增长sqrt(k)
// if fee is on, mint liquidity equivalent to 1/6th of the growth in sqrt(k)
function _mintFee(uint112 _reserve0, uint112 _reserve1) private returns (bool feeOn) {
// 获取工厂合约中的收税地址
address feeTo = IUniswapV2Factory(factory).feeTo();
// 定义个bool,如果feeTo地址为0,表示不收费
feeOn = feeTo != address(0);
uint _kLast = kLast; // gas savings 恒定乘积做市商 x * y = k 上次收取费用的增长
if (feeOn) {
if (_kLast != 0) {
// 以下算法在白皮书中有体现
/**
* Sm = [ (sqrt(k2) - sqrt(k1)) / 5*sqrt(k2) + sqrt(k1) ] * S1
*/
// S1表示在t1时间的流通股总数(totalSupply)
uint rootK = Math.sqrt(uint(_reserve0).mul(_reserve1)); // K2
uint rootKLast = Math.sqrt(_kLast); // K1
if (rootK > rootKLast) {
uint numerator = totalSupply.mul(rootK.sub(rootKLast)); // 分子
uint denominator = rootK.mul(5).add(rootKLast); // 分母
uint liquidity = numerator / denominator;
if (liquidity > 0) _mint(feeTo, liquidity); // 如果计算得出的流动性 > 0,将流动性铸造给feeTo地址
}
}
} else if (_kLast != 0) {
kLast = 0;
}
}
// this low-level function should be called from a contract which performs important safety checks
// 应该从执行重要安全检查的合同中调用此低级功能
// to : 计算处理的流动性代币数额将给到这个地址
function mint(address to) external lock returns (uint liquidity) {
// 从getReserves() 中获取t0 和 t1 的储备量,可以节省gas (view)
(uint112 _reserve0, uint112 _reserve1,) = getReserves(); // gas savings
// 根据ERC20合约,可以获得token0和token1当前合约地址中所拥有的余额
uint balance0 = IERC20(token0).balanceOf(address(this));
uint balance1 = IERC20(token1).balanceOf(address(this));
// amount0 = 余额0 - 储备0 ,表示本次带来的值
uint amount0 = balance0.sub(_reserve0);
uint amount1 = balance1.sub(_reserve1);
// 计算流动性,根据是否开启收税给相应地址发送协议费用
bool feeOn = _mintFee(_reserve0, _reserve1);
//获取totalSupply,必须在此处定义,因为totalSupply可以在mintFee中更新
uint _totalSupply = totalSupply; // gas savings, must be defined here since totalSupply can update in _mintFee
if (_totalSupply == 0) {
//流动性 = (数量0 * 数量1)的平方根 - 最小流动性1000
liquidity = Math.sqrt(amount0.mul(amount1)).sub(MINIMUM_LIQUIDITY);
//在总量为0的初始状态,永久锁定最低流动性(将它们发送到零地址,而不是发送到铸造者。)
_mint(address(0), MINIMUM_LIQUIDITY); // permanently lock the first MINIMUM_LIQUIDITY tokens
} else {
//流动性 = 最小值 (amount0 * _totalSupply / _reserve0) 和 (amount1 * _totalSupply / _reserve1)
liquidity = Math.min(amount0.mul(_totalSupply) / _reserve0, amount1.mul(_totalSupply) / _reserve1);
}
// 校验流动性 > 0
require(liquidity > 0, 'UniswapV2: INSUFFICIENT_LIQUIDITY_MINTED');
// 铸造流动性发送给to地址
_mint(to, liquidity);
// 更新储备量
_update(balance0, balance1, _reserve0, _reserve1);
//如果铸造费开关为true, k值 = 储备0 * 储备1
if (feeOn) kLast = uint(reserve0).mul(reserve1); // reserve0 and reserve1 are up-to-date
// 触发铸造事件
emit Mint(msg.sender, amount0, amount1);
}
// this low-level function should be called from a contract which performs important safety checks
// 此低级功能应从执行重要安全检查的合同中调用
// 合约销毁(外部调用)
/*
销毁方法总结:
1. 路由合约带入一个准备销毁多少流动性的数额,将这个数额发送给pair合约
2. pair计算出准备销毁的流动性数额占供应的流动性总量的比例
3. pair合约中的t0 和 t1 的余额 乘以比例,就分别得出需要取出的t0和t1的值为a0和a1
4. 将计算得到的a0和a1的值安全发送给to地址
5. 更新储备量
6. 如果收取协议费用,需要更新恒定乘积
7. 触发销毁事件
*/
function burn(address to) external lock returns (uint amount0, uint amount1) {
// 获取储备量
(uint112 _reserve0, uint112 _reserve1,) = getReserves(); // gas savings
address _token0 = token0; // gas savings
address _token1 = token1; // gas savings
// 获取当前调用者的地址在token0和token1中的余额
uint balance0 = IERC20(_token0).balanceOf(address(this));
uint balance1 = IERC20(_token1).balanceOf(address(this));
// 获得当前地址的流动性(当前合约地址是不应该有余额的,因为在铸造配对合约过程中,最后是将计算到的流动性赋值给了传入的to地址)
// 这个流动性的实际值是从路由合约的移除流动性方法中发送过来的(将调用者的流动性发送给pair合约)
// removeLiquidity ==》 IUniswapV2Pair(pair).transferFrom(msg.sender, pair, liquidity);
uint liquidity = balanceOf[address(this)];
// 计算协议费用
bool feeOn = _mintFee(_reserve0, _reserve1);
// 节省gas,必须在此处定义,因为totalSupply可以在_mintFee中更新
uint _totalSupply = totalSupply; // gas savings, must be defined here since totalSupply can update in _mintFee
// 使用余额确保按比例分配(取出的数值 = 我所拥有的流动性占比 * 总余额)
amount0 = liquidity.mul(balance0) / _totalSupply; // using balances ensures pro-rata distribution
amount1 = liquidity.mul(balance1) / _totalSupply; // using balances ensures pro-rata distribution
// 校验取出余额都大于0
require(amount0 > 0 && amount1 > 0, 'UniswapV2: INSUFFICIENT_LIQUIDITY_BURNED');
// 使用erc20的销毁方法,为当前合约地址销毁流动性
_burn(address(this), liquidity);
// 调用安全发送方法,分别将t0取出的amount0和t1取出的amount1发送给to地址
_safeTransfer(_token0, to, amount0);
_safeTransfer(_token1, to, amount1);
// 取出当前地址在合约上t0和t1的余额
balance0 = IERC20(_token0).balanceOf(address(this));
balance1 = IERC20(_token1).balanceOf(address(this));
// 更新储备量
_update(balance0, balance1, _reserve0, _reserve1);
// 如果开启了收取协议费用,则 kLast = x * y
if (feeOn) kLast = uint(reserve0).mul(reserve1); // reserve0 and reserve1 are up-to-date
// 触发销毁事件
// msg.sender 此时应该为路由合约地址
emit Burn(msg.sender, amount0, amount1, to);
}
// this low-level function should be called from a contract which performs important safety checks
// 应该从执行重要安全检查的合同中调用此低级功能
function swap(
uint amount0Out, // 要取出的数额0
uint amount1Out, // 要取出的数额1
address to, // 取出存放的地址
bytes calldata data // 存储的函数参数,只读。外部函数的参数(不包括返回参数)被强制为calldata
) external lock { // 防重入lock
// 校验取出数额0 或者 数额1其中一个大于 0
require(amount0Out > 0 || amount1Out > 0, 'UniswapV2: INSUFFICIENT_OUTPUT_AMOUNT');
// 获取储备量0和储备量1
(uint112 _reserve0, uint112 _reserve1,) = getReserves(); // gas savings
// 校验取出数额0小于储备量0 && 取出数额1小于储备量1
require(amount0Out < _reserve0 && amount1Out < _reserve1, 'UniswapV2: INSUFFICIENT_LIQUIDITY');
uint balance0;
uint balance1;
// _token {0,1}的范围,避免了堆栈太深的错误
{ // scope for _token{0,1}, avoids stack too deep errors
address _token0 = token0;
address _token1 = token1;
// 校验to地址不能是t0和t1的地址
require(to != _token0 && to != _token1, 'UniswapV2: INVALID_TO');
// 确认取出数额大于0 ,就分别将t0和t1的数额安全发送到to地址
if (amount0Out > 0) _safeTransfer(_token0, to, amount0Out); // optimistically transfer tokens
if (amount1Out > 0) _safeTransfer(_token1, to, amount1Out); // optimistically transfer tokens
// 如果data长度大于0 ,调用to地址的接口
if (data.length > 0)
// 闪电贷
IUniswapV2Callee(to).uniswapV2Call(msg.sender, amount0Out, amount1Out, data);
// 获取最新的t0和t1余额
balance0 = IERC20(_token0).balanceOf(address(this));
balance1 = IERC20(_token1).balanceOf(address(this));
}
// amountIn = balance - (_reserve - amountOut)
// 根据取出的储备量、原有储备量以及最新的余额,反推得到输入的数额
uint amount0In = balance0 > _reserve0 - amount0Out ? balance0 - (_reserve0 - amount0Out) : 0;
uint amount1In = balance1 > _reserve1 - amount1Out ? balance1 - (_reserve1 - amount1Out) : 0;
// 确保任意一个输入数额大于0
require(amount0In > 0 || amount1In > 0, 'UniswapV2: INSUFFICIENT_INPUT_AMOUNT');
{ // scope for reserve{0,1}Adjusted, avoids stack too deep errors
// 调整后的余额 = 最新余额 - 扣税金额 (相当于乘以997/1000)
uint balance0Adjusted = balance0.mul(1000).sub(amount0In.mul(3));
uint balance1Adjusted = balance1.mul(1000).sub(amount1In.mul(3));
// 校验是否进行了扣税计算
require(balance0Adjusted.mul(balance1Adjusted) >= uint(_reserve0).mul(_reserve1).mul(1000**2), 'UniswapV2: K');
}
// 更新储备量
_update(balance0, balance1, _reserve0, _reserve1);
// 触发交换事件
emit Swap(msg.sender, amount0In, amount1In, amount0Out, amount1Out, to);
}
// force balances to match reserves
// 强制余额与准备金匹配(按照储备量去匹配余额)
function skim(address to) external lock {
address _token0 = token0; // gas savings
address _token1 = token1; // gas savings
// 多余储备量的金额发送给to地址
_safeTransfer(_token0, to, IERC20(_token0).balanceOf(address(this)).sub(reserve0));
_safeTransfer(_token1, to, IERC20(_token1).balanceOf(address(this)).sub(reserve1));
}
// force reserves to match balances
// 强制准备金与余额匹配(按照余额去匹配储备量)
function sync() external lock {
_update(
IERC20(token0).balanceOf(address(this)),
IERC20(token1).balanceOf(address(this)),
reserve0,
reserve1);
}
}
3,ERC20合约(UniswapV2ERC20.sol)
pragma solidity =0.5.16;
import './interfaces/IUniswapV2ERC20.sol';
import './libraries/SafeMath.sol';
contract UniswapV2ERC20 is IUniswapV2ERC20 {
using SafeMath for uint;
string public constant name = 'Uniswap V2';
string public constant symbol = 'UNI-V2';
uint8 public constant decimals = 18;
uint public totalSupply;
mapping(address => uint) public balanceOf;
mapping(address => mapping(address => uint)) public allowance;
bytes32 public DOMAIN_SEPARATOR;
// keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)");
bytes32 public constant PERMIT_TYPEHASH = 0x6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c9;
mapping(address => uint) public nonces;
event Approval(address indexed owner, address indexed spender, uint value);
event Transfer(address indexed from, address indexed to, uint value);
constructor() public {
uint chainId;
assembly {
chainId := chainid
}
DOMAIN_SEPARATOR = keccak256(
abi.encode(
keccak256('EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)'),
keccak256(bytes(name)),
keccak256(bytes('1')),
chainId,
address(this)
)
);
}
function _mint(address to, uint value) internal {//铸币
totalSupply = totalSupply.add(value);
balanceOf[to] = balanceOf[to].add(value);
emit Transfer(address(0), to, value);
}
function _burn(address from, uint value) internal {//销毁
balanceOf[from] = balanceOf[from].sub(value);
totalSupply = totalSupply.sub(value);
emit Transfer(from, address(0), value);
}
function _approve(address owner, address spender, uint value) private {//授权
allowance[owner][spender] = value;
emit Approval(owner, spender, value);
}
function _transfer(address from, address to, uint value) private {//交易
balanceOf[from] = balanceOf[from].sub(value);
balanceOf[to] = balanceOf[to].add(value);
emit Transfer(from, to, value);
}
function approve(address spender, uint value) external returns (bool) {
_approve(msg.sender, spender, value);
return true;
}
function transfer(address to, uint value) external returns (bool) {
_transfer(msg.sender, to, value);
return true;
}
function transferFrom(address from, address to, uint value) external returns (bool) {//授权的交易
if (allowance[from][msg.sender] != uint(-1)) {
allowance[from][msg.sender] = allowance[from][msg.sender].sub(value);
}
_transfer(from, to, value);
return true;
}
function permit(address owner, address spender, uint value, uint deadline, uint8 v, bytes32 r, bytes32 s) external {
require(deadline >= block.timestamp, 'UniswapV2: EXPIRED');
bytes32 digest = keccak256(
abi.encodePacked(
'\x19\x01',
DOMAIN_SEPARATOR,
keccak256(abi.encode(PERMIT_TYPEHASH, owner, spender, value, nonces[owner]++, deadline))
)
);
address recoveredAddress = ecrecover(digest, v, r, s);
require(recoveredAddress != address(0) && recoveredAddress == owner, 'UniswapV2: INVALID_SIGNATURE');
_approve(owner, spender, value);
}
}
转载请注明来源
