币乎是什么
币乎(bihu.com)是代币驱动的代币投资者垂直社区。在币乎,用户的付出和贡献将获得
相应的回报。币乎将引入币乎 ID,以实现平台的透明化运作。KEY 是币乎的区块链代币,代
表币乎及其周边生态的使用权。
本文要解读的币乎合约是币乎基于ERC20标准发布的代币。
合约和白皮书
- 合约地址
- 白皮书地址
币乎合约类图
合约详解
币乎合约实在ERC20标准下在以太坊发布的一款代币。类似的代币还有EOS代币等。
ERC20标准很简单,主要是定义了8个函数和3个属性。详情可以查看ERC20合约。币乎合约派生至ERC20合约。
DSToken合约是币乎代币的主体合约。我们可以从这个合约的方法往上捋其实现和其超类的实现。
合约定义
// 继承自超类DSTokenBase和DSStop
//DSTokenBase(0)意思是用0为参数(总供给)构造DSTokenBase类
contract DSToken is DSTokenBase(0), DSStop
- DSStop超类主要定义了两个函数和一个修改器
- start():将合约置于启动状态。
- stop():将合约置于停止状态。
- modifyer stoppable():检查合约状态,如果处于停止状态,将拦截所有定义了stoppable修改器的函数调用。
- DSTokenBase超类派生至ERC20合约,实现了所有ERC20的方法和属性
DSToken:构造合约
function DSToken(bytes32 symbol_) {
// 保存知乎KEY的代币符号。ERC20标准属性。
symbol = symbol_;
// 将合约的发送者地址保存为创建者。ERC20标准属性。
generator=msg.sender;
}
transfer:转账
// ERC20标准接口。使用了两个修改器stoppable和note
function transfer(address dst, uint wad) stoppable note returns (bool) {
// 将参数透传给超类DSTokenBase
return super.transfer(dst, wad);
}
stoppable修改器
modifier stoppable {
// 断言stopped是否为假
assert (!stopped);
_;
}
require和assert的区别:
- require为假时,会回滚状态改变
- assert为假时,不会回滚状态改变
note修改器
event LogNote(
bytes4 indexed sig,
address indexed guy,
bytes32 indexed foo,
bytes32 indexed bar,
uint wad,
bytes fax
) anonymous; //匿名消息(不记录"LogNote")
modifier note {
bytes32 foo;
bytes32 bar;
// 插入EVM汇编指令
assembly {
// 获取调用合约的第一个参数。长度32字节。跳过前4字节是因为前4字节是函数选择器
foo := calldataload(4)
// 获取调用合约的第二个参数。长度32字节。
bar := calldataload(36)
}
// 发送LogNote消息
LogNote(msg.sig, msg.sender, foo, bar, msg.value, msg.data);
_;
}
transfer在DSTokenBase中的实现
function transfer(address dst, uint wad) returns (bool) {
// 断言发送者代币余额
assert(_balances[msg.sender] >= wad);
// 扣除发送者余额
_balances[msg.sender] = sub(_balances[msg.sender], wad);
// 增加接收者余额
_balances[dst] = add(_balances[dst], wad);
// 发送Transfer消息。ERC20标准接口。
Transfer(msg.sender, dst, wad);
return true;
}
- Solidity合约在转账时建议采用如下顺序,避免重入导致代币已经转出余额不够扣的情况
- 检查:检查余额,发送者,接收者等
- 扣款:先扣除发送者的余额
- 打款:增加接收者的余额
transferFrom从他人处转账
// ERC20标准接口
function transferFrom(
address src, address dst, uint wad
) stoppable note returns (bool) {
// 调用超类DSTokenBase
return super.transferFrom(src, dst, wad);
}
超类实现
function transferFrom(address src, address dst, uint wad) returns (bool) {
assert(_balances[src] >= wad);
// 断言支付方对转账发起方的授权余额
assert(_approvals[src][msg.sender] >= wad);
// 扣除支付方对转账发起方的授权余额
_approvals[src][msg.sender] = sub(_approvals[src][msg.sender], wad);
_balances[src] = sub(_balances[src], wad);
_balances[dst] = add(_balances[dst], wad);
Transfer(src, dst, wad);
return true;
}
push:给别人转账
这其实是transfer的别名。
pull:把别人的代币转给我
function pull(address src, uint128 wad) returns (bool) {
// 将src的钱转给合约调用者,前提是src对调用者有足额授权
return transferFrom(src, msg.sender, wad);
}
mint:造币
// 只有合约创建者,被认证者可以造币。
function mint(uint128 wad) auth stoppable note {
// 给合约调用者加代币
_balances[msg.sender] = add(_balances[msg.sender], wad);
// 增加总供给
_supply = add(_supply, wad);
}
auth修改器
DSAuthEvents合约中的实现
modifier auth {
// 断言
assert(isAuthorized(msg.sender, msg.sig));
_;
}
function isAuthorized(address src, bytes4 sig) internal returns (bool) {
if (src == address(this)) {
// 如果是合约自己调用该函数,返回true
return true;
} else if (src == owner) {
// 如果是合约的创建者,返回true
return true;
} else if (authority == DSAuthority(0)) {
// 如果authority没有被设置(没人调用过setAuthority(),该值为初始0值)
return false;
} else {
// 如果authority被设置过,调用authority合约判断授权
return authority.canCall(src, this, sig);
}
}
burn:烧钱
这是币乎比较有意思的地方。根据币乎的白皮书,打广告等行为是会“烧钱”的,人为制造通缩,鼓励持有者持币升值。
// 只有合约创建者和被认证者能烧钱。减少总供给。
function burn(uint128 wad) auth stoppable note {
_balances[msg.sender] = sub(_balances[msg.sender], wad);
_supply = sub(_supply, wad);
}
generatorTransfer:超级权限转账
modifier onlyGenerator {
// 如果不是创建者,回滚状态,返回剩余gas
if(msg.sender!=generator) throw;
_;
}
// 合约创建者在任何状态下都可以转账,包括stop状态
function generatorTransfer(address dst, uint wad) onlyGenerator note returns (bool) {
return super.transfer(dst, wad);
}
设置代币名称
// 只有创建者和认证用户可以设置/修改代币名称
function setName(bytes32 name_) auth {
// ERC20标准属性
name = name_;
}
币乎合约全文
// Copyright (C) 2017 DappHub, LLC
pragma solidity ^0.4.11;
//import "ds-exec/exec.sol";
contract DSExec {
function tryExec( address target, bytes calldata, uint value)
internal
returns (bool call_ret)
{
return target.call.value(value)(calldata);
}
function exec( address target, bytes calldata, uint value)
internal
{
if(!tryExec(target, calldata, value)) {
throw;
}
}
// Convenience aliases
function exec( address t, bytes c )
internal
{
exec(t, c, 0);
}
function exec( address t, uint256 v )
internal
{
bytes memory c; exec(t, c, v);
}
function tryExec( address t, bytes c )
internal
returns (bool)
{
return tryExec(t, c, 0);
}
function tryExec( address t, uint256 v )
internal
returns (bool)
{
bytes memory c; return tryExec(t, c, v);
}
}
//import "ds-auth/auth.sol";
contract DSAuthority {
function canCall(
address src, address dst, bytes4 sig
) constant returns (bool);
}
contract DSAuthEvents {
event LogSetAuthority (address indexed authority);
event LogSetOwner (address indexed owner);
}
contract DSAuth is DSAuthEvents {
DSAuthority public authority;
address public owner;
function DSAuth() {
owner = msg.sender;
LogSetOwner(msg.sender);
}
function setOwner(address owner_)
auth
{
owner = owner_;
LogSetOwner(owner);
}
function setAuthority(DSAuthority authority_)
auth
{
authority = authority_;
LogSetAuthority(authority);
}
modifier auth {
assert(isAuthorized(msg.sender, msg.sig));
_;
}
function isAuthorized(address src, bytes4 sig) internal returns (bool) {
if (src == address(this)) {
return true;
} else if (src == owner) {
return true;
} else if (authority == DSAuthority(0)) {
return false;
} else {
return authority.canCall(src, this, sig);
}
}
function assert(bool x) internal {
if (!x) throw;
}
}
//import "ds-note/note.sol";
contract DSNote {
event LogNote(
bytes4 indexed sig,
address indexed guy,
bytes32 indexed foo,
bytes32 indexed bar,
uint wad,
bytes fax
) anonymous;
modifier note {
bytes32 foo;
bytes32 bar;
assembly {
foo := calldataload(4)
bar := calldataload(36)
}
LogNote(msg.sig, msg.sender, foo, bar, msg.value, msg.data);
_;
}
}
//import "ds-math/math.sol";
contract DSMath {
/*
standard uint256 functions
*/
function add(uint256 x, uint256 y) constant internal returns (uint256 z) {
assert((z = x + y) >= x);
}
function sub(uint256 x, uint256 y) constant internal returns (uint256 z) {
assert((z = x - y) <= x);
}
function mul(uint256 x, uint256 y) constant internal returns (uint256 z) {
z = x * y;
assert(x == 0 || z / x == y);
}
function div(uint256 x, uint256 y) constant internal returns (uint256 z) {
z = x / y;
}
function min(uint256 x, uint256 y) constant internal returns (uint256 z) {
return x <= y ? x : y;
}
function max(uint256 x, uint256 y) constant internal returns (uint256 z) {
return x >= y ? x : y;
}
/*
uint128 functions (h is for half)
*/
function hadd(uint128 x, uint128 y) constant internal returns (uint128 z) {
assert((z = x + y) >= x);
}
function hsub(uint128 x, uint128 y) constant internal returns (uint128 z) {
assert((z = x - y) <= x);
}
function hmul(uint128 x, uint128 y) constant internal returns (uint128 z) {
z = x * y;
assert(x == 0 || z / x == y);
}
function hdiv(uint128 x, uint128 y) constant internal returns (uint128 z) {
z = x / y;
}
function hmin(uint128 x, uint128 y) constant internal returns (uint128 z) {
return x <= y ? x : y;
}
function hmax(uint128 x, uint128 y) constant internal returns (uint128 z) {
return x >= y ? x : y;
}
/*
int256 functions
*/
function imin(int256 x, int256 y) constant internal returns (int256 z) {
return x <= y ? x : y;
}
function imax(int256 x, int256 y) constant internal returns (int256 z) {
return x >= y ? x : y;
}
/*
WAD math
*/
uint128 constant WAD = 10 ** 18;
function wadd(uint128 x, uint128 y) constant internal returns (uint128) {
return hadd(x, y);
}
function wsub(uint128 x, uint128 y) constant internal returns (uint128) {
return hsub(x, y);
}
function wmul(uint128 x, uint128 y) constant internal returns (uint128 z) {
z = cast((uint256(x) * y + WAD / 2) / WAD);
}
function wdiv(uint128 x, uint128 y) constant internal returns (uint128 z) {
z = cast((uint256(x) * WAD + y / 2) / y);
}
function wmin(uint128 x, uint128 y) constant internal returns (uint128) {
return hmin(x, y);
}
function wmax(uint128 x, uint128 y) constant internal returns (uint128) {
return hmax(x, y);
}
/*
RAY math
*/
uint128 constant RAY = 10 ** 27;
function radd(uint128 x, uint128 y) constant internal returns (uint128) {
return hadd(x, y);
}
function rsub(uint128 x, uint128 y) constant internal returns (uint128) {
return hsub(x, y);
}
function rmul(uint128 x, uint128 y) constant internal returns (uint128 z) {
z = cast((uint256(x) * y + RAY / 2) / RAY);
}
function rdiv(uint128 x, uint128 y) constant internal returns (uint128 z) {
z = cast((uint256(x) * RAY + y / 2) / y);
}
function rpow(uint128 x, uint64 n) constant internal returns (uint128 z) {
// This famous algorithm is called "exponentiation by squaring"
// and calculates x^n with x as fixed-point and n as regular unsigned.
//
// It's O(log n), instead of O(n) for naive repeated multiplication.
//
// These facts are why it works:
//
// If n is even, then x^n = (x^2)^(n/2).
// If n is odd, then x^n = x * x^(n-1),
// and applying the equation for even x gives
// x^n = x * (x^2)^((n-1) / 2).
//
// Also, EVM division is flooring and
// floor[(n-1) / 2] = floor[n / 2].
z = n % 2 != 0 ? x : RAY;
for (n /= 2; n != 0; n /= 2) {
x = rmul(x, x);
if (n % 2 != 0) {
z = rmul(z, x);
}
}
}
function rmin(uint128 x, uint128 y) constant internal returns (uint128) {
return hmin(x, y);
}
function rmax(uint128 x, uint128 y) constant internal returns (uint128) {
return hmax(x, y);
}
function cast(uint256 x) constant internal returns (uint128 z) {
assert((z = uint128(x)) == x);
}
}
//import "erc20/erc20.sol";
contract ERC20 {
function totalSupply() constant returns (uint supply);
function balanceOf( address who ) constant returns (uint value);
function allowance( address owner, address spender ) constant returns (uint _allowance);
function transfer( address to, uint value) returns (bool ok);
function transferFrom( address from, address to, uint value) returns (bool ok);
function approve( address spender, uint value ) returns (bool ok);
event Transfer( address indexed from, address indexed to, uint value);
event Approval( address indexed owner, address indexed spender, uint value);
}
//import "ds-token/base.sol";
contract DSTokenBase is ERC20, DSMath {
uint256 _supply;
mapping (address => uint256) _balances;
mapping (address => mapping (address => uint256)) _approvals;
function DSTokenBase(uint256 supply) {
_balances[msg.sender] = supply;
_supply = supply;
}
function totalSupply() constant returns (uint256) {
return _supply;
}
function balanceOf(address src) constant returns (uint256) {
return _balances[src];
}
function allowance(address src, address guy) constant returns (uint256) {
return _approvals[src][guy];
}
function transfer(address dst, uint wad) returns (bool) {
assert(_balances[msg.sender] >= wad);
_balances[msg.sender] = sub(_balances[msg.sender], wad);
_balances[dst] = add(_balances[dst], wad);
Transfer(msg.sender, dst, wad);
return true;
}
function transferFrom(address src, address dst, uint wad) returns (bool) {
assert(_balances[src] >= wad);
assert(_approvals[src][msg.sender] >= wad);
_approvals[src][msg.sender] = sub(_approvals[src][msg.sender], wad);
_balances[src] = sub(_balances[src], wad);
_balances[dst] = add(_balances[dst], wad);
Transfer(src, dst, wad);
return true;
}
function approve(address guy, uint256 wad) returns (bool) {
_approvals[msg.sender][guy] = wad;
Approval(msg.sender, guy, wad);
return true;
}
}
//import "ds-stop/stop.sol";
contract DSStop is DSAuth, DSNote {
bool public stopped;
modifier stoppable {
assert (!stopped);
_;
}
function stop() auth note {
stopped = true;
}
function start() auth note {
stopped = false;
}
}
//import "ds-token/token.sol";
contract DSToken is DSTokenBase(0), DSStop {
bytes32 public symbol;
uint256 public decimals = 18; // standard token precision. override to customize
address public generator;
modifier onlyGenerator {
if(msg.sender!=generator) throw;
_;
}
function DSToken(bytes32 symbol_) {
symbol = symbol_;
generator=msg.sender;
}
function transfer(address dst, uint wad) stoppable note returns (bool) {
return super.transfer(dst, wad);
}
function transferFrom(
address src, address dst, uint wad
) stoppable note returns (bool) {
return super.transferFrom(src, dst, wad);
}
function approve(address guy, uint wad) stoppable note returns (bool) {
return super.approve(guy, wad);
}
function push(address dst, uint128 wad) returns (bool) {
return transfer(dst, wad);
}
function pull(address src, uint128 wad) returns (bool) {
return transferFrom(src, msg.sender, wad);
}
function mint(uint128 wad) auth stoppable note {
_balances[msg.sender] = add(_balances[msg.sender], wad);
_supply = add(_supply, wad);
}
function burn(uint128 wad) auth stoppable note {
_balances[msg.sender] = sub(_balances[msg.sender], wad);
_supply = sub(_supply, wad);
}
// owner can transfer token even stop,
function generatorTransfer(address dst, uint wad) onlyGenerator note returns (bool) {
return super.transfer(dst, wad);
}
// Optional token name
bytes32 public name = "";
function setName(bytes32 name_) auth {
name = name_;
}
}