Noncustodial Vault
The Vault contract receives tokens from Transferer and allows users to withdraw those tokens at a later time. To withdraw those tokens, users will need to pay a fee in ETH.
Below is a function-by-function explanation of the code.
Roles
User Roles
mapping(address => address) private _recipientAddress;
Each user on Harpie will have a registered recipientAddress that is able to withdraw their tokens transferred in by Transferer.
Contract-wide Roles
address private immutable transferer; // set during construction
address payable private feeController;
address private immutable serverSigner; // set during construction
address private immutable emergencyFeeRemover; // set during construction
There are four contract-wide roles (one dynamic, three immutable and set during construction) in this contract:
-
transfereris the address of the associated Transferer -
feeControlleris an address controlled by Harpie that's able to withdraw payments users have deposited and reduce individual users' fees -
serverSigneris an address that we use to validate requests by users to change theirrecipientAddress -
emergencyFeeRemoveris an address of a multi-signature wallet that activates our Emergency Functions, and this multi-sig has majority control by custodians outside the Harpie team
Withdrawal Functions
function withdrawERC721(
address _originalAddress,
address _erc721Address,
uint256 _id
) payable external
function withdrawERC20(
address _originalAddress,
address _erc20Address
) payable external
These functions are only callable by a users' recipientAddress, and allow the recipientAddress to withdraw their tokens.
- Caller must pay a fee in ETH to withdraw, currently set to 0
Recipient Address Functions
function setupRecipientAddress(address _recipient) external
function changeRecipientAddress(
bytes memory _signature,
address _newRecipientAddress,
uint256 expiry
) external
-
setupRecipientAddresscan only be called once by a user to set up their initialrecipientAddress -
changeRecipientAddresscan be called by a user to change theirrecipientAddress- This requires a signature from our
serverSignerfor additional verification
- This requires a signature from our
Log Functions
function logIncomingERC20(
address _originalAddress,
address _erc20Address,
uint256 _amount,
uint128 _fee
) external
function logIncomingERC721(
address _originalAddress,
address _erc721Address,
uint256 _id,
uint128 _fee
) external
These functions store the value and fee for each user's stored tokens.
- These functions are only callable from the
Transferercontract, which run from functions only callable bytransferEOAs
FeeController Functions
function reduceERC20Fee(
address _originalAddress,
address _erc20Address,
uint128 _reduceBy
) external returns (uint128)
function reduceERC721Fee(
address _originalAddress,
address _erc721Address,
uint256 _id,
uint128 _reduceBy
) external returns (uint128)
function withdrawPayments(uint256 _amount) external
function changeFeeControllerRequest(address payable _newFeeController) external
function changeFeeController() external
These functions are only callable by the role feeController.
-
The
feeControllercan only reduce fees, never increase them -
They can withdraw any fees stored in the contract, but never withdraw any tokens
-
changeFeeControllerhas a timelock period of 14 days, which is begun by callingchangeFeeControllerRequest
Emergency Functions
function toggleEmergencyFlag(bool _newSetting) external
function withdrawERC721WithoutFees(
address _originalAddress,
address _erc721Address,
uint256 _id
) external
function withdrawERC20WithoutFees(
address _originalAddress,
address _erc20Address
) external
These emergency functions allow users to freely withdraw their crypto irrespective of any fees. These are put in place to avoid the possibility of maliciously-set withdrawal fees created by an outside attacker.
-
toggleEmergencyFlagis only callable byemergencyFeeRemover -
Once the flag is turned on, any user can withdraw their allocated balance without fees