Skip to main content



This contract is the entry point to the Aragon DAO framework and provides our users a simple and easy to use public interface.

Public API of the Aragon DAO framework.



The ID of the permission required to call the execute function.



The ID of the permission required to call the _authorizeUpgrade function.



The ID of the permission required to call the setMetadata function.



The ID of the permission required to call the setTrustedForwarder function.



The ID of the permission required to call the registerStandardCallback function.



The ID of the permission required to validate ERC-1271 signatures.


internal variable MAX_ACTIONS

The internal constant storing the maximal action array length.


error ReentrantCall

Thrown if a call is reentrant.

error ReentrantCall()

error TooManyActions

Thrown if the action array length is larger than MAX_ACTIONS.

error TooManyActions()

error ActionFailed

Thrown if action execution has failed.

error ActionFailed(uint256 index)
indexuint256The index of the action in the action array that failed.

error InsufficientGas

Thrown if an action has insufficent gas left.

error InsufficientGas()

error ZeroAmount

Thrown if the deposit amount is zero.

error ZeroAmount()

error NativeTokenDepositAmountMismatch

Thrown if there is a mismatch between the expected and actually deposited amount of native tokens.

error NativeTokenDepositAmountMismatch(uint256 expected, uint256 actual)
expecteduint256The expected native token amount.
actualuint256The actual native token amount deposited.

error ProtocolVersionUpgradeNotSupported

Thrown if an upgrade is not supported from a specific protocol version .

error ProtocolVersionUpgradeNotSupported(uint8[3] protocolVersion)

error FunctionRemoved

Thrown when a function is removed but left to not corrupt the interface ID.

error FunctionRemoved()

event NewURI

Emitted when a new DAO URI is set.

event NewURI(string daoURI)
daoURIstringThe new URI.

internal modifier nonReentrant

A modifier to protect a function from calling itself, directly or indirectly (reentrancy).

modifier nonReentrant()

Currently, this modifier is only applied to the execute() function. If this is used multiple times, private _beforeNonReentrant() and _afterNonReentrant() functions should be created to prevent code duplication.

public function constructor

Disables the initializers on the implementation contract to prevent it from being left uninitialized.

constructor() public

external function initialize

Initializes the DAO by

  • setting the reentrancy status variable to _NOT_ENTERED
  • registering the ERC-165 interface ID
  • setting the trusted forwarder for meta transactions
  • giving the ROOT_PERMISSION_ID permission to the initial owner (that should be revoked and transferred to the DAO after setup).
function initialize(bytes _metadata, address _initialOwner, address _trustedForwarder, string daoURI_) external
_metadatabytesIPFS hash that points to all the metadata (logo, description, tags, etc.) of a DAO.
_initialOwneraddressThe initial owner of the DAO having the ROOT_PERMISSION_ID permission.
_trustedForwarderaddressThe trusted forwarder responsible for verifying meta transactions.
daoURI_stringThe DAO URI required to support ERC-4824.

This method is required to support ERC-1822.

external function initializeFrom

Initializes the DAO after an upgrade from a previous protocol version.

function initializeFrom(uint8[3] _previousProtocolVersion, bytes _initData) external
_previousProtocolVersionuint8[3]The semantic protocol version number of the previous DAO implementation contract this upgrade is transitioning from.
_initDatabytesThe initialization data to be passed to via upgradeToAndCall (see ERC-1967).

internal function isPermissionRestrictedForAnyAddr

Decides if the granting permissionId is restricted when _who == ANY_ADDR or _where == ANY_ADDR.

function isPermissionRestrictedForAnyAddr(bytes32 _permissionId) internal pure returns (bool)
_permissionIdbytes32The permission identifier.
0boolWhether or not the permission is restricted.

By default, every permission is unrestricted and it is the derived contract's responsibility to override it. Note, that the ROOT_PERMISSION_ID is included and not required to be set it again.

internal function _authorizeUpgrade

Internal method authorizing the upgrade of the contract via the upgradeability mechanism for UUPS proxies (see ERC-1822).

function _authorizeUpgrade(address) internal virtual

The caller must have the UPGRADE_DAO_PERMISSION_ID permission.

external function setTrustedForwarder

Setter for the trusted forwarder verifying the meta transaction.

function setTrustedForwarder(address _newTrustedForwarder) external

external function getTrustedForwarder

Getter for the trusted forwarder verifying the meta transaction.

function getTrustedForwarder() external view virtual returns (address)
0addressThe trusted forwarder address.

external function hasPermission

Checks if an address has permission on a contract via a permission identifier and considers if ANY_ADDRESS was used in the granting process.

function hasPermission(address _where, address _who, bytes32 _permissionId, bytes _data) external view returns (bool)
_whereaddressThe address of the contract.
_whoaddressThe address of a EOA or contract to give the permissions.
_permissionIdbytes32The permission identifier.
_databytesThe optional data passed to the PermissionCondition registered.
0boolReturns true if the address has permission, false if not.

external function setMetadata

Updates the DAO metadata (e.g., an IPFS hash).

function setMetadata(bytes _metadata) external
_metadatabytesThe IPFS hash of the new metadata object.

external function execute

Executes a list of actions. If a zero allow-failure map is provided, a failing action reverts the entire execution. If a non-zero allow-failure map is provided, allowed actions can fail without the entire call being reverted.

function execute(bytes32 _callId, struct IDAO.Action[] _actions, uint256 _allowFailureMap) external returns (bytes[] execResults, uint256 failureMap)
_callIdbytes32The ID of the call. The definition of the value of callId is up to the calling contract and can be used, e.g., as a nonce.
_actionsstruct IDAO.Action[]The array of actions.
_allowFailureMapuint256A bitmap allowing execution to succeed, even if individual actions might revert. If the bit at index i is 1, the execution succeeds even if the ith action reverts. A failure map value of 0 requires every action to not revert.
execResultsbytes[]The array of results obtained from the executed actions in bytes.
failureMapuint256The resulting failure map containing the actions have actually failed.

external function deposit

Deposits (native) tokens to the DAO contract with a reference string.

function deposit(address _token, uint256 _amount, string _reference) external payable
_tokenaddressThe address of the token or address(0) in case of the native token.
_amountuint256The amount of tokens to deposit.
_referencestringThe reference describing the deposit reason.

external function setSignatureValidator

Removed function being left here to not corrupt the IDAO interface ID. Any call will revert.

function setSignatureValidator(address) external pure

Introduced in v1.0.0. Removed in v1.4.0.

external function isValidSignature

Checks whether a signature is valid for a provided hash according to ERC-1271.

function isValidSignature(bytes32 _hash, bytes _signature) external view returns (bytes4)
_hashbytes32The hash of the data to be signed.
_signaturebytesThe signature byte array associated with _hash.
0bytes4Returns the bytes4 magic value 0x1626ba7e if the signature is valid and 0xffffffff if not.

Relays the validation logic determining who is allowed to sign on behalf of the DAO to its permission manager. Caller specific bypassing can be set direct granting (i.e., grant({_where: dao, _who: specificErc1271Caller, _permissionId: VALIDATE_SIGNATURE_PERMISSION_ID})). Caller specific signature validation logic can be set by granting with a PermissionCondition (i.e., grantWithCondition({_where: dao, _who: specificErc1271Caller, _permissionId: VALIDATE_SIGNATURE_PERMISSION_ID, _condition: yourConditionImplementation})) Generic signature validation logic can be set for all calling contracts by granting with a PermissionCondition to PermissionManager.ANY_ADDR() (i.e., grantWithCondition({_where: dao, _who: PermissionManager.ANY_ADDR(), _permissionId: VALIDATE_SIGNATURE_PERMISSION_ID, _condition: yourConditionImplementation})).

external function receive

Emits the NativeTokenDeposited event to track native token deposits that weren't made via the deposit method.

receive() external payable

This call is bound by the gas limitations for send/transfer calls introduced by ERC-2929. Gas cost increases in future hard forks might break this function. As an alternative, ERC-2930-type transactions using access lists can be employed.

external function fallback

Fallback to handle future versions of the ERC-165 standard.

fallback(bytes _input) external returns (bytes)
_inputbytesAn alias being equivalent to This feature of the fallback function was introduced with the solidity compiler version 0.7.6
0bytesThe magic number registered for the function selector triggering the fallback.

internal function _setMetadata

Emits the MetadataSet event if new metadata is set.

function _setMetadata(bytes _metadata) internal
_metadatabytesHash of the IPFS metadata object.

internal function _setTrustedForwarder

Sets the trusted forwarder on the DAO and emits the associated event.

function _setTrustedForwarder(address _trustedForwarder) internal
_trustedForwarderaddressThe trusted forwarder address.

external function registerStandardCallback

Registers an ERC standard having a callback by registering its ERC-165 interface ID and callback function signature.

function registerStandardCallback(bytes4 _interfaceId, bytes4 _callbackSelector, bytes4 _magicNumber) external
_interfaceIdbytes4The ID of the interface.
_callbackSelectorbytes4The selector of the callback function.
_magicNumberbytes4The magic number to be registered for the function signature.

external function daoURI

A distinct Uniform Resource Identifier (URI) pointing to a JSON object following the "EIP-4824 DAO JSON-LD Schema". This JSON file splits into four URIs: membersURI, proposalsURI, activityLogURI, and governanceURI. The membersURI should point to a JSON file that conforms to the "EIP-4824 Members JSON-LD Schema". The proposalsURI should point to a JSON file that conforms to the "EIP-4824 Proposals JSON-LD Schema". The activityLogURI should point to a JSON file that conforms to the "EIP-4824 Activity Log JSON-LD Schema". The governanceURI should point to a flatfile, normatively a .md file. Each of the JSON files named above can be statically hosted or dynamically-generated.

function daoURI() external view returns (string)

external function setDaoURI

Updates the set DAO URI to a new value.

function setDaoURI(string newDaoURI) external
newDaoURIstringThe new DAO URI to be set.

internal function _setDaoURI

Sets the new ERC-4824 DAO URI and emits the associated event.

function _setDaoURI(string daoURI_) internal
daoURI_stringThe new DAO URI.
© 2024