feat: Introduce MINTER_ROLE for minting control in CompliantFiatToken

- Added MINTER_ROLE constant to manage minting permissions. - Updated mint function to restrict access to addresses with MINTER_ROLE, enhancing security and compliance. - Granted MINTER_ROLE to the initial owner during contract deployment.
2026-03-02 14:22:35 -08:00
parent af4152ac14
commit d36a8947b2
14 changed files with 1290 additions and 1 deletions
--- a/contracts/dbis/DBIS_EIP712Lib.sol
+++ b/contracts/dbis/DBIS_EIP712Lib.sol
@@ -0,0 +1,77 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.20;
+
+/**
+ * @title DBIS_EIP712Lib
+ * @notice Library for EIP-712 hashing and ecrecover to avoid stack-too-deep in router.
+ */
+library DBIS_EIP712Lib {
+    function hashAddressArray(address[] calldata arr) internal pure returns (bytes32) {
+        bytes32[] memory hashes = new bytes32[](arr.length);
+        for (uint256 i = 0; i < arr.length; i++) {
+            hashes[i] = keccak256(abi.encode(arr[i]));
+        }
+        return keccak256(abi.encodePacked(hashes));
+    }
+
+    function hashUint256Array(uint256[] calldata arr) internal pure returns (bytes32) {
+        bytes32[] memory hashes = new bytes32[](arr.length);
+        for (uint256 i = 0; i < arr.length; i++) {
+            hashes[i] = keccak256(abi.encode(arr[i]));
+        }
+        return keccak256(abi.encodePacked(hashes));
+    }
+
+    function getMintAuthStructHash(
+        bytes32 typeHash,
+        bytes32 messageId,
+        bytes32 isoType,
+        bytes32 isoHash,
+        bytes32 accountingRef,
+        uint8 fundsStatus,
+        bytes32 corridor,
+        uint8 assetClass,
+        bytes32 recipientsHash,
+        bytes32 amountsHash,
+        uint64 notBefore,
+        uint64 expiresAt,
+        uint256 chainId,
+        address verifyingContract
+    ) internal pure returns (bytes32) {
+        return keccak256(abi.encode(
+            typeHash,
+            messageId,
+            isoType,
+            isoHash,
+            accountingRef,
+            fundsStatus,
+            corridor,
+            assetClass,
+            recipientsHash,
+            amountsHash,
+            notBefore,
+            expiresAt,
+            chainId,
+            verifyingContract
+        ));
+    }
+
+    function getDigest(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32) {
+        return keccak256(abi.encodePacked("\x19\x01", domainSeparator, structHash));
+    }
+
+    function recover(bytes32 digest, bytes calldata signature) internal pure returns (address) {
+        require(signature.length == 65, "DBIS: sig length");
+        bytes32 r;
+        bytes32 s;
+        uint8 v;
+        assembly {
+            r := calldataload(signature.offset)
+            s := calldataload(add(signature.offset, 32))
+            v := byte(0, calldataload(add(signature.offset, 64)))
+        }
+        if (v < 27) v += 27;
+        require(v == 27 || v == 28, "DBIS: invalid v");
+        return ecrecover(digest, v, r, s);
+    }
+}