chriseth · July 16, 2020 13:34 · guest2345 · Aug 13, 2023
diff --git a/hub.sol b/hub.sol
 pragma solidity ^0.5.0;

 import "./Token.sol";
 import "./util.sol";

 import { ResizableArray } from "./resizableArray.sol";


 export {Hub}

 struct Flow
 {
    address identity;
    uint256 sent;
    uint256 received;
 }

 struct Transfer
 {
    address tokenOwner;
    address src;
    address dst;
    uint amount;
 }

 error PathTooComplex();
 error PathInvalid(string reason);
 error TrustLimitExceeded(Transfer transfer, uint maxAmount);



 function appendIfNotExists(ResizableArray[Flow] memory flows, address user) returns (Flow memory)
 {
    for (uint i = 0; i < flows.length; i++)
        if (flows.at(i).identity == user)
            return flows.at(i);
    flows.push(Flow{user, 0, 0});
    return flows.at(flows.length - 1);
 }

 function integrateTransfer(ResizableArray[Flow] memory flows, Transfer calldata transfer)
 {
    appendIfNotExists(flows, transfer.src).sent += transfer.amount;
    appendIfNotExists(flows, transfer.dst).received += transfer.amount;
 }

 function validateTransferThrough(ResizableArray[Flow] memory flows) internal {
    // a valid path has only one true sender and reciever, for all other
    // addresses in the path, sent = received
    // also, the sender should be msg.sender
    address src;
    address dest;
    for (uint i = 0; i < flows.length; i++)
    {
        Flow memory f = flows.at(i);
        if (f.sent > f.received)
        {
            require(src == address(0), PathInvalid("Path sends from more than one src"));
            require(f.identity == msg.sender, PathInvalid("Path doesn't send from transaction sender"));
            require(f.received == 0, PathInvalid("Sender is receiving"));
            src = f.identity;
        }
        if (f.received > f.sent)
        {
            require(dest == address(0), PathInvalid("Path sends to more than one dest"));
            require(f.sent == 0, PathInvalid("Receiver is sending"));
            dest = f.identity;
        }
    }
    require(src != address(0), PathInvalid("Transaction must have a src"));
    require(dest != address(0), PathInvalid("Transaction must have a dest"));
    // the total amounts sent and received by src and dest should match
    require(
        appendIfNotExists(flows, src).sent ==
        appendIfNotExists(flows, dest).received,
        "Unequal sent and received amounts"
    );
    emit HubTransfer(src, dest, validation[src].sent);
 }




 contract Hub {
    address public owner;

    uint256 public inflation;
    uint256 public divisor;
    uint256 public period;
    string public symbol; // = 'CRC';
    uint256 public initialPayout;
    uint256 public initialIssuance;
    uint256 public deployedAt;

    mapping (address => Token) public userToToken;
    mapping (address => address) public tokenToUser;
    mapping (address => mapping (address => uint256)) public limits;

    event Signup(address indexed user, address token);
    event Trust(address indexed canSendTo, address indexed user, uint256 limit);
    event HubTransfer(address indexed from, address indexed to, uint256 amount);


    mapping (address => transferValidator) public validation;
    address[] public seen;

    modifier onlyOwner() {
        require (msg.sender == owner);
        _;
    }

    constructor(address _owner, uint256 _inflation, uint256 _period, string memory _symbol, uint256 _initialPayout, uint256 _initialIssuance) public {
        require (_owner != address(0));
        owner = _owner;
        inflation = _inflation;
        divisor = findDivisor(_inflation);
        period = _period;
        symbol = _symbol;
        initialPayout = _initialPayout;
        initialIssuance = _initialIssuance;
        deployedAt = block.timestamp;
    }

    function findDivisor(uint256 _inf) internal pure returns (uint256) {
        uint256 iter = 0;
        while (_inf.div(pow(10, iter)) > 9) {
            iter += 1;
        }
        return pow(10, iter);
    }

    function periods() public view returns (uint256) {
        return (block.timestamp.sub(deployedAt)).div(period);
    }

    function issuance() public view returns (uint256) {
        return inflate(initialIssuance, periods());
    }

    function issuanceStep(uint256 _periods) public view returns (uint256) {
        return inflate(initialIssuance, _periods);
    }

    function inflate(uint256 _initial, uint256 _periods) public view returns (uint256) {
        uint256 q = pow(inflation, _periods);
        uint256 d = pow(divisor, _periods);
        return (_initial.mul(q)).div(d);
    }

    function changeOwner(address _newOwner) public onlyOwner returns (bool) {
        require(_newOwner != address(0));
        owner = _newOwner;
        return true;
    }

    function updateInflation(uint256 _inflation) public onlyOwner returns (bool) {
        inflation = _inflation;
        return true;
    }

    function updateRate(uint256 _initialIssuance) public onlyOwner returns (bool) {
        initialIssuance = _initialIssuance;
        return true;
    }

    function updateSymbol(string memory _symbol) public onlyOwner returns (bool) {
        symbol = _symbol;
        return true;
    }

    function time() public view returns (uint256) { return block.timestamp; }

    // No exit allowed. Once you create a personal token, you're in for good.
    function signup(string memory _name) public returns (bool) {
        require(address(userToToken[msg.sender]) == address(0));

        Token token = new Token(msg.sender, _name, initialPayout);
        userToToken[msg.sender] = token;
        tokenToUser[address(token)] = msg.sender;
        _trust(msg.sender, 100);

        emit Signup(msg.sender, address(token));
        return true;
    }

    // Trust does not have to be reciprocated.
    // (e.g. I can trust you but you don't have to trust me)
    function trust(address user, uint limit) public {
        require(address(userToToken[msg.sender]) != address(0), "You can only trust people after you've signed up!");
        require(msg.sender != user, "You can't untrust yourself");
        _trust(user, limit);
    }

    function _trust(address user, uint limit) internal {
        limits[msg.sender][user] = limit;
        emit Trust(msg.sender, user, limit);
    }

    function pow(uint256 base, uint256 exponent) public pure returns (uint256) {
        if (base == 0) {
            return 0;
        }
        if (exponent == 0) {
            return 1;
        }
        if (exponent == 1) {
            return base;
        }
        uint256 y = 1;
        while(exponent > 1) {
            if(exponent.mod(2) == 0) {
                base = base.mul(base);
                exponent = exponent.div(2);
            } else {
                y = base.mul(y);
                base = base.mul(base);
                exponent = (exponent.sub(1)).div(2);
            }
        }
        return base.mul(y);
    }

    function checkSendLimit(address tokenOwner, address src, address dest) public view returns (uint256) {
        // there is no trust
        if (limits[dest][tokenOwner] == 0) {
            return 0;
        }
        // if dest hasn't signed up, they cannot trust anyone
        if (address(userToToken[dest]) == address(0)) {
            return 0;
        }

        // if the token doesn't exist, return max
        uint256 max = (userToToken[dest].totalSupply().mul(limits[dest][tokenOwner])).div(100);
        if (address(userToToken[tokenOwner]) == address(0)) {
            return max;
        }

        // if sending dest's token to dest, src can send 100% of their holdings
        uint256 srcBalance = userToToken[tokenOwner].balanceOf(src);
        if (tokenOwner == dest) {
            return srcBalance;
        }
        uint256 destBalance = userToToken[tokenOwner].balanceOf(dest);
        
        // if trustLimit has already been overriden by a direct transfer, nothing more can be sent
        if (max < destBalance) return 0;
        return max.sub(destBalance);
    }

    function transferThrough(Transfer[] calldata transfers) public mut {
        require(transfers.length <= 10, PathTooComplex());

        ResizableArray[Flow] memory flows;
        // Template paramater values are auto-deduced here.
        // we still provide the [] to indicate it is a template function.
        fold[](transfers, flows, function(ResizableArray[Flow] memory flows, Transfer calldata transfer) view returns (ResizableArray[Flow] memory) {
            if (transfer.tokenOwner != transfer.dst) {
                uint256 max = checkSendLimit(transfer.tokenOwner, transfer.src, transfer.dst);
                require(
                    userToToken[transfer.tokenOwner].balanceOf(dest) + transfer.amount <= max,
                    TrustLimitExceeded(transfer, max)
                );
            }
            integrateTransfer(flows, transfer);
            userToToken[transfer.tokenOwner].hubTransfer(transfer.src, transfer.dest, transfer.amount);
            return flows;
        });
        validateTransferThrough(flows);
    }
 }

diff --git a/resizableArray.sol b/resizableArray.sol
 import { min } from "./util.sol";

 export { ResizableArray, IndexOutOfBounds };

 error IndexOutOfBounds();
 error InvalidReserve();

 // All declarations inside a template automatically turn into templates.
 // When accessed from outside, the value for T has to be explicitly
 // given (unless it is auto-deduced).
 // Inside the template area, template parameters can be mentioned
 // when accessing other templatized declartions but they can
 // also be omitted.
 template[T]
 {

 struct ResizableArray
 {
    uint length;
    T[] data;

    invariant { length < data.length }
 }

 // "member" attaches the function as a member to the type.
 // alternative: "bound"?
 // It cannot be called without the type.
 // Problem: the inner workings may be obivous if the first parameter is a struct,
 // but it may not be that obvious if it is a complex array.
 // Name clashes could maybe only be detected at the point where the function is used.


 /// Reserves a certain capacity but does not change the length of
 /// the array. Re-allocates if needed.
 /// capacity has to be at least the current length.
 member function reserve(ResizableArray memory array, uint capacity)
 {
    require(capacity >= array.length, InvalidReserve());
    if (capacity <= array.data.length)
        return;

    T[] memory newData = new T[](capacity);
    for (uint i = 0; i < array.length; i++)
        newData[i] = array.data[i];
    array.data = newData;
 }


 /// Sets the length to the given value and re-allocates the
 /// data if required.
 member function resize(ResizableArray memory array, uint length)
 {
    // grow if needed
    uint newCapacity = array.data.length;
    while (newCapacity < length) newCapacity *= 2;
    array.reserve(newCapacity);

    // zero-initialize in case we reduced the size
    for (uint i = array.length; i < length; i++)
    {
        // for template types, we allow data location even if the template
        // parameter is a value type
        T memory zero;
        array.data[i] = zero;
    }
    array.length = length;
    assert(array.length <= array.data.length);
 }

 member function at(ResizableArray memory array, uint index) returns (T memory)
 {
    require(index < array.length, IndexOutOfBounds());
    return array.data[index];
 }


 member function push(ResizableArray memory array, T memory value)
 {
    array.resize(array.length + 1);
    array.at(array.length - 1) = value;
 }

 }
diff --git a/Token.sol b/Token.sol
 // unmodified

 contract Token {

    uint8 public decimals = 18;

    string public name;
    uint256 public lastTouched;
    address public hub;
    address public owner;
    uint256 public inflationOffset;
    uint256 public currentIssuance;

    modifier onlyHub() {
        require(msg.sender == hub);
        _;
    }

    modifier onlyOwner() {
        require(msg.sender == owner);
        _;
    }

    constructor(address _owner, string memory _name, uint256 initialPayout) public {
        require(_owner != address(0));
        name = _name;
        owner = _owner;
        hub = msg.sender;
        lastTouched = time();
        inflationOffset = findInflationOffset();
        currentIssuance = HubI(hub).issuance();
        _mint(_owner, initialPayout);
    }

    function time() public view returns (uint) {
        return block.timestamp;
    }

    function symbol() public view returns (string memory) {
        return HubI(hub).symbol();
    }

    function inflation() public view returns (uint256) {
        return HubI(hub).inflation();
    }

    function divisor() public view returns (uint256) {
        return HubI(hub).divisor();
    }

    function period() public view returns (uint256) {
        return HubI(hub).period();
    }

    function periods() public view returns (uint256) {
        return HubI(hub).periods();
    }

    function periodsLastTouched() public view returns (uint256) {
        return (lastTouched.sub(hubDeploy())).div(period());
    }

    function hubDeploy() public view returns (uint256) {
        return HubI(hub).deployedAt();
    }

    function findInflationOffset() public view returns (uint256) {
        return ((period().mul(periods().add(1))).add(hubDeploy())).sub(time());
    }

    function look() public view returns (uint256) {
        uint256 payout = 0;
        uint256 clock = lastTouched;
        uint256 offset = inflationOffset;
        uint256 rate = currentIssuance;
        uint256 p = periodsLastTouched();
        while (clock.add(offset) <= time()) {
            payout = payout.add(offset.mul(rate));
            clock = clock.add(offset);
            offset = period();
            p = p.add(1);
            rate = HubI(hub).issuanceStep(p);
        }
        uint256 timePassed = time().sub(clock);
        payout = payout.add(timePassed.mul(rate));
        return payout;
    }

    function update() public returns (uint256) {
        uint256 gift = look();
        if (gift > 0) {
            inflationOffset = findInflationOffset();
            lastTouched = time();
            currentIssuance = HubI(hub).issuance();
            _mint(owner, gift);
        }
    }

    function hubTransfer(
        address from, address to, uint256 amount
    ) public onlyHub returns (bool) {
        _transfer(from, to, amount);
    }

    function transfer(address dst, uint wad) public returns (bool) {
        // this totally redundant code is covering what I believe is weird compiler
        // eccentricity, making gnosis's revert message not correctly return the gas
        // when this function only super() calls the inherited contract
        if (msg.sender == owner) {
            owner = msg.sender;
        }
        return super.transfer(dst, wad);
    }
 }
diff --git a/utils.sol b/utils.sol

 export {min, max, fold}

 function min(uint a, uint b) returns (uint)
 {
    return a < b ? a : b;
 }

 function max(uint a, uint b) returns (uint)
 {
    return a > b ? a : b;
 }


 // Problems here:
 // - we need another definition for calldata or storage arrays. We could also say that the
 //   data location needs to be part of the templat etype, but then we cannot just
 //   replace `T`, since memory has to go after the `[]`.
 // - the state mutability of the function type cannot be specified.
 function fold[T, V, F](
    T[] memory _array, V memory initial,
    function(V memory, T memory) returns (V memory) f
 ) returns (V memory result) {
    result = initial;
    for (uint i = 0; i < _array.length; i++)
        result = f(result, _array[i]);
 }
	pragma solidity ^0.5.0;

	import "./Token.sol";
	import "./util.sol";

	import { ResizableArray } from "./resizableArray.sol";


	export {Hub}

	struct Flow
	{
	address identity;
	uint256 sent;
	uint256 received;
	}

	struct Transfer
	{
	address tokenOwner;
	address src;
	address dst;
	uint amount;
	}

	error PathTooComplex();
	error PathInvalid(string reason);
	error TrustLimitExceeded(Transfer transfer, uint maxAmount);



	function appendIfNotExists(ResizableArray[Flow] memory flows, address user) returns (Flow memory)
	{
	for (uint i = 0; i < flows.length; i++)
	if (flows.at(i).identity == user)
	return flows.at(i);
	flows.push(Flow{user, 0, 0});
	return flows.at(flows.length - 1);
	}

	function integrateTransfer(ResizableArray[Flow] memory flows, Transfer calldata transfer)
	{
	appendIfNotExists(flows, transfer.src).sent += transfer.amount;
	appendIfNotExists(flows, transfer.dst).received += transfer.amount;
	}

	function validateTransferThrough(ResizableArray[Flow] memory flows) internal {
	// a valid path has only one true sender and reciever, for all other
	// addresses in the path, sent = received
	// also, the sender should be msg.sender
	address src;
	address dest;
	for (uint i = 0; i < flows.length; i++)
	{
	Flow memory f = flows.at(i);
	if (f.sent > f.received)
	{
	require(src == address(0), PathInvalid("Path sends from more than one src"));
	require(f.identity == msg.sender, PathInvalid("Path doesn't send from transaction sender"));
	require(f.received == 0, PathInvalid("Sender is receiving"));
	src = f.identity;
	}
	if (f.received > f.sent)
	{
	require(dest == address(0), PathInvalid("Path sends to more than one dest"));
	require(f.sent == 0, PathInvalid("Receiver is sending"));
	dest = f.identity;
	}
	}
	require(src != address(0), PathInvalid("Transaction must have a src"));
	require(dest != address(0), PathInvalid("Transaction must have a dest"));
	// the total amounts sent and received by src and dest should match
	require(
	appendIfNotExists(flows, src).sent ==
	appendIfNotExists(flows, dest).received,
	"Unequal sent and received amounts"
	);
	emit HubTransfer(src, dest, validation[src].sent);
	}




	contract Hub {
	address public owner;

	uint256 public inflation;
	uint256 public divisor;
	uint256 public period;
	string public symbol; // = 'CRC';
	uint256 public initialPayout;
	uint256 public initialIssuance;
	uint256 public deployedAt;

	mapping (address => Token) public userToToken;
	mapping (address => address) public tokenToUser;
	mapping (address => mapping (address => uint256)) public limits;

	event Signup(address indexed user, address token);
	event Trust(address indexed canSendTo, address indexed user, uint256 limit);
	event HubTransfer(address indexed from, address indexed to, uint256 amount);


	mapping (address => transferValidator) public validation;
	address[] public seen;

	modifier onlyOwner() {
	require (msg.sender == owner);
	_;
	}

	constructor(address _owner, uint256 _inflation, uint256 _period, string memory _symbol, uint256 _initialPayout, uint256 _initialIssuance) public {
	require (_owner != address(0));
	owner = _owner;
	inflation = _inflation;
	divisor = findDivisor(_inflation);
	period = _period;
	symbol = _symbol;
	initialPayout = _initialPayout;
	initialIssuance = _initialIssuance;
	deployedAt = block.timestamp;
	}

	function findDivisor(uint256 _inf) internal pure returns (uint256) {
	uint256 iter = 0;
	while (_inf.div(pow(10, iter)) > 9) {
	iter += 1;
	}
	return pow(10, iter);
	}

	function periods() public view returns (uint256) {
	return (block.timestamp.sub(deployedAt)).div(period);
	}

	function issuance() public view returns (uint256) {
	return inflate(initialIssuance, periods());
	}

	function issuanceStep(uint256 _periods) public view returns (uint256) {
	return inflate(initialIssuance, _periods);
	}

	function inflate(uint256 _initial, uint256 _periods) public view returns (uint256) {
	uint256 q = pow(inflation, _periods);
	uint256 d = pow(divisor, _periods);
	return (_initial.mul(q)).div(d);
	}

	function changeOwner(address _newOwner) public onlyOwner returns (bool) {
	require(_newOwner != address(0));
	owner = _newOwner;
	return true;
	}

	function updateInflation(uint256 _inflation) public onlyOwner returns (bool) {
	inflation = _inflation;
	return true;
	}

	function updateRate(uint256 _initialIssuance) public onlyOwner returns (bool) {
	initialIssuance = _initialIssuance;
	return true;
	}

	function updateSymbol(string memory _symbol) public onlyOwner returns (bool) {
	symbol = _symbol;
	return true;
	}

	function time() public view returns (uint256) { return block.timestamp; }

	// No exit allowed. Once you create a personal token, you're in for good.
	function signup(string memory _name) public returns (bool) {
	require(address(userToToken[msg.sender]) == address(0));

	Token token = new Token(msg.sender, _name, initialPayout);
	userToToken[msg.sender] = token;
	tokenToUser[address(token)] = msg.sender;
	_trust(msg.sender, 100);

	emit Signup(msg.sender, address(token));
	return true;
	}

	// Trust does not have to be reciprocated.
	// (e.g. I can trust you but you don't have to trust me)
	function trust(address user, uint limit) public {
	require(address(userToToken[msg.sender]) != address(0), "You can only trust people after you've signed up!");
	require(msg.sender != user, "You can't untrust yourself");
	_trust(user, limit);
	}

	function _trust(address user, uint limit) internal {
	limits[msg.sender][user] = limit;
	emit Trust(msg.sender, user, limit);
	}

	function pow(uint256 base, uint256 exponent) public pure returns (uint256) {
	if (base == 0) {
	return 0;
	}
	if (exponent == 0) {
	return 1;
	}
	if (exponent == 1) {
	return base;
	}
	uint256 y = 1;
	while(exponent > 1) {
	if(exponent.mod(2) == 0) {
	base = base.mul(base);
	exponent = exponent.div(2);
	} else {
	y = base.mul(y);
	base = base.mul(base);
	exponent = (exponent.sub(1)).div(2);
	}
	}
	return base.mul(y);
	}

	function checkSendLimit(address tokenOwner, address src, address dest) public view returns (uint256) {
	// there is no trust
	if (limits[dest][tokenOwner] == 0) {
	return 0;
	}
	// if dest hasn't signed up, they cannot trust anyone
	if (address(userToToken[dest]) == address(0)) {
	return 0;
	}

	// if the token doesn't exist, return max
	uint256 max = (userToToken[dest].totalSupply().mul(limits[dest][tokenOwner])).div(100);
	if (address(userToToken[tokenOwner]) == address(0)) {
	return max;
	}

	// if sending dest's token to dest, src can send 100% of their holdings
	uint256 srcBalance = userToToken[tokenOwner].balanceOf(src);
	if (tokenOwner == dest) {
	return srcBalance;
	}
	uint256 destBalance = userToToken[tokenOwner].balanceOf(dest);

	// if trustLimit has already been overriden by a direct transfer, nothing more can be sent
	if (max < destBalance) return 0;
	return max.sub(destBalance);
	}

	function transferThrough(Transfer[] calldata transfers) public mut {
	require(transfers.length <= 10, PathTooComplex());

	ResizableArray[Flow] memory flows;
	// Template paramater values are auto-deduced here.
	// we still provide the [] to indicate it is a template function.
	fold[](transfers, flows, function(ResizableArray[Flow] memory flows, Transfer calldata transfer) view returns (ResizableArray[Flow] memory) {
	if (transfer.tokenOwner != transfer.dst) {
	uint256 max = checkSendLimit(transfer.tokenOwner, transfer.src, transfer.dst);
	require(
	userToToken[transfer.tokenOwner].balanceOf(dest) + transfer.amount <= max,
	TrustLimitExceeded(transfer, max)
	);
	}
	integrateTransfer(flows, transfer);
	userToToken[transfer.tokenOwner].hubTransfer(transfer.src, transfer.dest, transfer.amount);
	return flows;
	});
	validateTransferThrough(flows);
	}
	}
	import { min } from "./util.sol";

	export { ResizableArray, IndexOutOfBounds };

	error IndexOutOfBounds();
	error InvalidReserve();

	// All declarations inside a template automatically turn into templates.
	// When accessed from outside, the value for T has to be explicitly
	// given (unless it is auto-deduced).
	// Inside the template area, template parameters can be mentioned
	// when accessing other templatized declartions but they can
	// also be omitted.
	template[T]
	{

	struct ResizableArray
	{
	uint length;
	T[] data;

	invariant { length < data.length }
	}

	// "member" attaches the function as a member to the type.
	// alternative: "bound"?
	// It cannot be called without the type.
	// Problem: the inner workings may be obivous if the first parameter is a struct,
	// but it may not be that obvious if it is a complex array.
	// Name clashes could maybe only be detected at the point where the function is used.


	/// Reserves a certain capacity but does not change the length of
	/// the array. Re-allocates if needed.
	/// capacity has to be at least the current length.
	member function reserve(ResizableArray memory array, uint capacity)
	{
	require(capacity >= array.length, InvalidReserve());
	if (capacity <= array.data.length)
	return;

	T[] memory newData = new T[](capacity);
	for (uint i = 0; i < array.length; i++)
	newData[i] = array.data[i];
	array.data = newData;
	}


	/// Sets the length to the given value and re-allocates the
	/// data if required.
	member function resize(ResizableArray memory array, uint length)
	{
	// grow if needed
	uint newCapacity = array.data.length;
	while (newCapacity < length) newCapacity *= 2;
	array.reserve(newCapacity);

	// zero-initialize in case we reduced the size
	for (uint i = array.length; i < length; i++)
	{
	// for template types, we allow data location even if the template
	// parameter is a value type
	T memory zero;
	array.data[i] = zero;
	}
	array.length = length;
	assert(array.length <= array.data.length);
	}

	member function at(ResizableArray memory array, uint index) returns (T memory)
	{
	require(index < array.length, IndexOutOfBounds());
	return array.data[index];
	}


	member function push(ResizableArray memory array, T memory value)
	{
	array.resize(array.length + 1);
	array.at(array.length - 1) = value;
	}

	}
	// unmodified

	contract Token {

	uint8 public decimals = 18;

	string public name;
	uint256 public lastTouched;
	address public hub;
	address public owner;
	uint256 public inflationOffset;
	uint256 public currentIssuance;

	modifier onlyHub() {
	require(msg.sender == hub);
	_;
	}

	modifier onlyOwner() {
	require(msg.sender == owner);
	_;
	}

	constructor(address _owner, string memory _name, uint256 initialPayout) public {
	require(_owner != address(0));
	name = _name;
	owner = _owner;
	hub = msg.sender;
	lastTouched = time();
	inflationOffset = findInflationOffset();
	currentIssuance = HubI(hub).issuance();
	_mint(_owner, initialPayout);
	}

	function time() public view returns (uint) {
	return block.timestamp;
	}

	function symbol() public view returns (string memory) {
	return HubI(hub).symbol();
	}

	function inflation() public view returns (uint256) {
	return HubI(hub).inflation();
	}

	function divisor() public view returns (uint256) {
	return HubI(hub).divisor();
	}

	function period() public view returns (uint256) {
	return HubI(hub).period();
	}

	function periods() public view returns (uint256) {
	return HubI(hub).periods();
	}

	function periodsLastTouched() public view returns (uint256) {
	return (lastTouched.sub(hubDeploy())).div(period());
	}

	function hubDeploy() public view returns (uint256) {
	return HubI(hub).deployedAt();
	}

	function findInflationOffset() public view returns (uint256) {
	return ((period().mul(periods().add(1))).add(hubDeploy())).sub(time());
	}

	function look() public view returns (uint256) {
	uint256 payout = 0;
	uint256 clock = lastTouched;
	uint256 offset = inflationOffset;
	uint256 rate = currentIssuance;
	uint256 p = periodsLastTouched();
	while (clock.add(offset) <= time()) {
	payout = payout.add(offset.mul(rate));
	clock = clock.add(offset);
	offset = period();
	p = p.add(1);
	rate = HubI(hub).issuanceStep(p);
	}
	uint256 timePassed = time().sub(clock);
	payout = payout.add(timePassed.mul(rate));
	return payout;
	}

	function update() public returns (uint256) {
	uint256 gift = look();
	if (gift > 0) {
	inflationOffset = findInflationOffset();
	lastTouched = time();
	currentIssuance = HubI(hub).issuance();
	_mint(owner, gift);
	}
	}

	function hubTransfer(
	address from, address to, uint256 amount
	) public onlyHub returns (bool) {
	_transfer(from, to, amount);
	}

	function transfer(address dst, uint wad) public returns (bool) {
	// this totally redundant code is covering what I believe is weird compiler
	// eccentricity, making gnosis's revert message not correctly return the gas
	// when this function only super() calls the inherited contract
	if (msg.sender == owner) {
	owner = msg.sender;
	}
	return super.transfer(dst, wad);
	}
	}

	export {min, max, fold}

	function min(uint a, uint b) returns (uint)
	{
	return a < b ? a : b;
	}

	function max(uint a, uint b) returns (uint)
	{
	return a > b ? a : b;
	}


	// Problems here:
	// - we need another definition for calldata or storage arrays. We could also say that the
	// data location needs to be part of the templat etype, but then we cannot just
	// replace `T`, since memory has to go after the `[]`.
	// - the state mutability of the function type cannot be specified.
	function fold[T, V, F](
	T[] memory _array, V memory initial,
	function(V memory, T memory) returns (V memory) f
	) returns (V memory result) {
	result = initial;
	for (uint i = 0; i < _array.length; i++)
	result = f(result, _array[i]);
	}