v3.4.0
Protocol
Contributing
Security
π΄ββ οΈ Loot Box
What is a PoolTogether Loot Box?
Overview
The PoolTogether Loot Box is a permission-less token container. A Loot Box allows wallets to be transferred like an ERC721.
Many different tokens can be controlled simply by one counterfactual address. The holding contract is created and destroyed within the same transaction. This cheap deployment and immediate destruction of the contract minimizes the gas overhead involved with containerization.
How it works
A LootBox contract ephemerally exists within a transaction. The owner of an
ERC721 owns the LootBox.- 1.A
ERC721is created by callingcreateERC721Controlled()on theERC721ProxyFactoryby anyone:
1
function createERC721Controlled(
2
string memory name,
3
string memory symbol,
4
string memory baseURI
5
) external returns (ERC721Controlled)
Copied!
- 1.
mint()can then be called on theControlledERC721which effectively creates a LootBox with an Owner defined by thetofield:
1
function mint(address to) external onlyAdmin returns (uint256)
Copied!
- 1.The LootBox address is calculated by calling:
1
computeAddress(address erc721, uint256 tokenId)
Copied!
- 1.Tokens are transferred/minted to this address. In the case of PoolTogether, these are usually external ERC20, ERC721 and ERC1155 rewards for a Prize Period.
- 2.Anyone can call
plunder()on the LootBox controller which will transfer all the passed tokens to the LootBox owner.
1
function plunder(
2
address erc721,
3
uint256 tokenId,
4
address[] calldata erc20s,
5
WithdrawERC721[] calldata erc721s,
6
WithdrawERC1155[] calldata erc1155s
7
)
Copied!
where
erc20s is defined as an array of ERC-20 addresses,erc721s is defined as:1
struct WithdrawERC721 {
2
address token;
3
uint256[] tokenIds;
4
}
Copied!
and
erc1155s as:1
struct WithdrawERC1155 {
2
address token;
3
uint256[] ids;
4
uint256[] amounts;
5
bytes data;
6
}
Copied!
Last modified 9mo ago
Copy link