Update open zeppelin and oraclize

contracts/ModuleRegistry.sol

@@ -1,11 +1,11 @@
 pragma solidity ^0.4.24;
 
+import "openzeppelin-solidity/contracts/token/ERC20/IERC20.sol";
 import "./interfaces/IModuleRegistry.sol";
 import "./interfaces/IModuleFactory.sol";
 import "./interfaces/ISecurityTokenRegistry.sol";
 import "./interfaces/IPolymathRegistry.sol";
 import "./interfaces/IFeatureRegistry.sol";
-import "./interfaces/IERC20.sol";
 import "./libraries/VersionUtils.sol";
 import "./storage/EternalStorage.sol";
 import "./libraries/Encoder.sol";

contracts/ReclaimTokens.sol

@@ -1,7 +1,7 @@
 pragma solidity ^0.4.24;
 
 import "openzeppelin-solidity/contracts/ownership/Ownable.sol";
-import "./interfaces/IERC20.sol";
+import "openzeppelin-solidity/contracts/token/ERC20/IERC20.sol";
 
 /**
  * @title Utility contract to allow owner to retreive any ERC20 sent to the contract
@@ -16,6 +16,6 @@ contract ReclaimTokens is Ownable {
         require(_tokenContract != address(0), "Invalid address");
         IERC20 token = IERC20(_tokenContract);
         uint256 balance = token.balanceOf(address(this));
-        require(token.transfer(owner, balance), "Transfer failed");
+        require(token.transfer(owner(), balance), "Transfer failed");
     }
 }

contracts/SecurityTokenRegistry.sol

@@ -1,9 +1,9 @@
 pragma solidity ^0.4.24;
 
 import "openzeppelin-solidity/contracts/math/SafeMath.sol";
+import "openzeppelin-solidity/contracts/token/ERC20/IERC20.sol";
 import "./interfaces/IOwnable.sol";
 import "./interfaces/ISTFactory.sol";
-import "./interfaces/IERC20.sol";
 import "./interfaces/ISecurityTokenRegistry.sol";
 import "./storage/EternalStorage.sol";
 import "./libraries/Util.sol";

contracts/external/oraclizeAPI.sol

@@ -1,15 +1,25 @@
 // <ORACLIZE_API>
+// Release targetted at solc 0.4.25 to silence compiler warning/error messages, compatible down to 0.4.22
 /*
 Copyright (c) 2015-2016 Oraclize SRL
 Copyright (c) 2016 Oraclize LTD
+
+
+
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:
+
+
+
 The above copyright notice and this permission notice shall be included in
 all copies or substantial portions of the Software.
+
+
+
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
@@ -19,9 +29,9 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.
 */
 
-// This api is currently targeted at 0.4.18, please import oraclizeAPI_pre0.4.sol or oraclizeAPI_0.4 where necessary
+// This api is currently targeted at 0.4.22 to 0.4.25 (stable builds), please import oraclizeAPI_pre0.4.sol or oraclizeAPI_0.4 where necessary
 /* solium-disable */
-pragma solidity >=0.4.18;// Incompatible compiler version... please select one stated within pragma solidity or use different oraclizeAPI version
+pragma solidity >=0.4.22;// Incompatible compiler version... please select one stated within pragma solidity or use different oraclizeAPI version
 
 contract OraclizeI {
     address public cbAddress;
@@ -44,17 +54,23 @@ contract OraclizeAddrResolverI {
 
 /*
 Begin solidity-cborutils
+
 https://github.com/smartcontractkit/solidity-cborutils
+
 MIT License
+
 Copyright (c) 2018 SmartContract ChainLink, Ltd.
+
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:
+
 The above copyright notice and this permission notice shall be included in all
 copies or substantial portions of the Software.
+
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -346,7 +362,11 @@ contract usingOraclize {
     }
     function __callback(bytes32 myid, string result, bytes proof) public {
       return;
+      // Following should never be reached with a preceding return, however
+      // this is just a placeholder function, ideally meant to be defined in
+      // child contract when proofs are used
       myid; result; proof; // Silence compiler warnings
+      oraclize = OraclizeI(0); // Additional compiler silence about making function pure/view. 
     }
 
     function oraclize_getPrice(string datasource) oraclizeAPI internal returns (uint){
@@ -744,7 +764,7 @@ contract usingOraclize {
         return oraclize.randomDS_getSessionPubKeyHash();
     }
 
-    function getCodeSize(address _addr) constant internal returns(uint _size) {
+    function getCodeSize(address _addr) view internal returns(uint _size) {
         assembly {
             _size := extcodesize(_addr)
         }
@@ -963,7 +983,7 @@ contract usingOraclize {
 
         }
 
-        oraclize_randomDS_setCommitment(queryId, keccak256(delay_bytes8_left, args[1], sha256(args[0]), args[2]));
+        oraclize_randomDS_setCommitment(queryId, keccak256(abi.encodePacked(delay_bytes8_left, args[1], sha256(args[0]), args[2])));
         return queryId;
     }
 
@@ -1075,7 +1095,7 @@ contract usingOraclize {
         uint ledgerProofLength = 3+65+(uint(proof[3+65+1])+2)+32;
         bytes memory keyhash = new bytes(32);
         copyBytes(proof, ledgerProofLength, 32, keyhash, 0);
-        if (!(keccak256(keyhash) == keccak256(sha256(context_name, queryId)))) return false;
+        if (!(keccak256(keyhash) == keccak256(abi.encodePacked(sha256(abi.encodePacked(context_name, queryId)))))) return false;
 
         bytes memory sig1 = new bytes(uint(proof[ledgerProofLength+(32+8+1+32)+1])+2);
         copyBytes(proof, ledgerProofLength+(32+8+1+32), sig1.length, sig1, 0);
@@ -1093,7 +1113,7 @@ contract usingOraclize {
         copyBytes(proof, sig2offset-64, 64, sessionPubkey, 0);
 
         bytes32 sessionPubkeyHash = sha256(sessionPubkey);
-        if (oraclize_randomDS_args[queryId] == keccak256(commitmentSlice1, sessionPubkeyHash)){ //unonce, nbytes and sessionKeyHash match
+        if (oraclize_randomDS_args[queryId] == keccak256(abi.encodePacked(commitmentSlice1, sessionPubkeyHash))){ //unonce, nbytes and sessionKeyHash match
             delete oraclize_randomDS_args[queryId];
         } else return false;
 
@@ -1212,3 +1232,4 @@ contract usingOraclize {
     }
 
 }
+// </ORACLIZE_API>

contracts/mocks/MockBurnFactory.sol

@@ -24,7 +24,7 @@ contract MockBurnFactory is TrackedRedemptionFactory {
      */
     function deploy(bytes /*_data*/) external returns(address) {
         if(setupCost > 0)
-            require(polyToken.transferFrom(msg.sender, owner, setupCost), "Unable to pay setup cost");
+            require(polyToken.transferFrom(msg.sender, owner(), setupCost), "Unable to pay setup cost");
         //Check valid bytes - can only call module init function
         MockRedemptionManager mockRedemptionManager = new MockRedemptionManager(msg.sender, address(polyToken));
         /*solium-disable-next-line security/no-block-members*/

contracts/modules/Checkpoint/DividendCheckpoint.sol

@@ -176,7 +176,7 @@ contract DividendCheckpoint is ICheckpoint, Module {
     {
         Dividend storage dividend = dividends[_dividendIndex];
         address[] memory investors = ISecurityToken(securityToken).getInvestors();
-        uint256 numberInvestors = Math.min256(investors.length, _start.add(_iterations));
+        uint256 numberInvestors = Math.min(investors.length, _start.add(_iterations));
         for (uint256 i = _start; i < numberInvestors; i++) {
             address payee = investors[i];
             if ((!dividend.claimed[payee]) && (!dividend.dividendExcluded[payee])) {

contracts/modules/Checkpoint/ERC20DividendCheckpoint.sol

@@ -2,7 +2,7 @@ pragma solidity ^0.4.24;
 
 import "./DividendCheckpoint.sol";
 import "../../interfaces/IOwnable.sol";
-import "../../interfaces/IERC20.sol";
+import "openzeppelin-solidity/contracts/token/ERC20/IERC20.sol";
 
 /**
  * @title Checkpoint module for issuing ERC20 dividends

contracts/modules/Checkpoint/ERC20DividendCheckpointFactory.sol

@@ -32,7 +32,7 @@ contract ERC20DividendCheckpointFactory is ModuleFactory {
      */
     function deploy(bytes /* _data */) external returns(address) {
         if (setupCost > 0)
-            require(polyToken.transferFrom(msg.sender, owner, setupCost), "insufficent allowance");
+            require(polyToken.transferFrom(msg.sender, owner(), setupCost), "insufficent allowance");
         address erc20DividendCheckpoint = new ERC20DividendCheckpoint(msg.sender, address(polyToken));
         /*solium-disable-next-line security/no-block-members*/
         emit GenerateModuleFromFactory(erc20DividendCheckpoint, getName(), address(this), msg.sender, setupCost, now);

contracts/modules/Checkpoint/EtherDividendCheckpointFactory.sol

@@ -32,7 +32,7 @@ contract EtherDividendCheckpointFactory is ModuleFactory {
      */
     function deploy(bytes /* _data */) external returns(address) {
         if(setupCost > 0)
-            require(polyToken.transferFrom(msg.sender, owner, setupCost), "Insufficent allowance or balance");
+            require(polyToken.transferFrom(msg.sender, owner(), setupCost), "Insufficent allowance or balance");
         address ethDividendCheckpoint = new EtherDividendCheckpoint(msg.sender, address(polyToken));
         /*solium-disable-next-line security/no-block-members*/
         emit GenerateModuleFromFactory(ethDividendCheckpoint, getName(), address(this), msg.sender, setupCost, now);

contracts/modules/Experimental/Burn/TrackedRedemptionFactory.sol

@@ -32,7 +32,7 @@ contract TrackedRedemptionFactory is ModuleFactory {
      */
     function deploy(bytes /* _data */) external returns(address) {
         if (setupCost > 0)
-            require(polyToken.transferFrom(msg.sender, owner, setupCost), "Insufficent allowance or balance");
+            require(polyToken.transferFrom(msg.sender, owner(), setupCost), "Insufficent allowance or balance");
         address trackedRedemption = new TrackedRedemption(msg.sender, address(polyToken));
         /*solium-disable-next-line security/no-block-members*/
         emit GenerateModuleFromFactory(address(trackedRedemption), getName(), address(this), msg.sender, setupCost, now);

contracts/modules/Experimental/Mixed/ScheduledCheckpointFactory.sol

@@ -32,7 +32,7 @@ contract ScheduledCheckpointFactory is ModuleFactory {
      */
     function deploy(bytes /* _data */) external returns(address) {
         if(setupCost > 0)
-            require(polyToken.transferFrom(msg.sender, owner, setupCost), "Failed transferFrom because of sufficent Allowance is not provided");
+            require(polyToken.transferFrom(msg.sender, owner(), setupCost), "Failed transferFrom because of sufficent Allowance is not provided");
         address scheduledCheckpoint = new ScheduledCheckpoint(msg.sender, address(polyToken));
         emit GenerateModuleFromFactory(scheduledCheckpoint, getName(), address(this), msg.sender, setupCost, now);
         return scheduledCheckpoint;

contracts/modules/Experimental/TransferManager/LockupVolumeRestrictionTMFactory.sol

@@ -32,7 +32,7 @@ contract LockupVolumeRestrictionTMFactory is ModuleFactory {
      */
     function deploy(bytes /* _data */) external returns(address) {
         if (setupCost > 0)
-            require(polyToken.transferFrom(msg.sender, owner, setupCost), "Failed transferFrom because of sufficent Allowance is not provided");
+            require(polyToken.transferFrom(msg.sender, owner(), setupCost), "Failed transferFrom because of sufficent Allowance is not provided");
         LockupVolumeRestrictionTM lockupVolumeRestrictionTransferManager = new LockupVolumeRestrictionTM(msg.sender, address(polyToken));
         /*solium-disable-next-line security/no-block-members*/
         emit GenerateModuleFromFactory(address(lockupVolumeRestrictionTransferManager), getName(), address(this), msg.sender, now);

contracts/modules/Experimental/TransferManager/SingleTradeVolumeRestrictionTMFactory.sol

@@ -34,7 +34,7 @@ contract SingleTradeVolumeRestrictionTMFactory is ModuleFactory {
     */
     function deploy(bytes _data) external returns(address) {
         if (setupCost > 0)
-            require(polyToken.transferFrom(msg.sender, owner, setupCost), "Failed transferFrom because of sufficent Allowance is not provided");
+            require(polyToken.transferFrom(msg.sender, owner(), setupCost), "Failed transferFrom because of sufficent Allowance is not provided");
         SingleTradeVolumeRestrictionTM singleTradeVolumeRestrictionManager = new SingleTradeVolumeRestrictionTM(msg.sender, address(polyToken));
 
         require(Util.getSig(_data) == singleTradeVolumeRestrictionManager.getInitFunction(), "Provided data is not valid");

contracts/modules/Module.sol

@@ -2,7 +2,7 @@ pragma solidity ^0.4.24;
 
 import "../interfaces/IModule.sol";
 import "../interfaces/ISecurityToken.sol";
-import "../interfaces/IERC20.sol";
+import "openzeppelin-solidity/contracts/token/ERC20/IERC20.sol";
 import "openzeppelin-solidity/contracts/ownership/Ownable.sol";
 
 /**

contracts/modules/ModuleFactory.sol

@@ -1,6 +1,6 @@
 pragma solidity ^0.4.24;
 
-import "../interfaces/IERC20.sol";
+import "openzeppelin-solidity/contracts/token/ERC20/IERC20.sol";
 import "../interfaces/IModuleFactory.sol";
 import "openzeppelin-solidity/contracts/ownership/Ownable.sol";
 import "../libraries/VersionUtils.sol";

contracts/modules/PermissionManager/GeneralPermissionManagerFactory.sol

@@ -29,7 +29,7 @@ contract GeneralPermissionManagerFactory is ModuleFactory {
      */
     function deploy(bytes /* _data */) external returns(address) {
         if(setupCost > 0)
-            require(polyToken.transferFrom(msg.sender, owner, setupCost), "Failed transferFrom due to insufficent Allowance provided");
+            require(polyToken.transferFrom(msg.sender, owner(), setupCost), "Failed transferFrom due to insufficent Allowance provided");
         address permissionManager = new GeneralPermissionManager(msg.sender, address(polyToken));
         /*solium-disable-next-line security/no-block-members*/
         emit GenerateModuleFromFactory(address(permissionManager), getName(), address(this), msg.sender, setupCost, now);

contracts/modules/STO/CappedSTO.sol

@@ -2,7 +2,7 @@ pragma solidity ^0.4.24;
 
 import "./ISTO.sol";
 import "../../interfaces/ISecurityToken.sol";
-import "openzeppelin-solidity/contracts/ReentrancyGuard.sol";
+import "openzeppelin-solidity/contracts/utils/ReentrancyGuard.sol";
 import "openzeppelin-solidity/contracts/math/SafeMath.sol";
 
 /**

contracts/modules/STO/CappedSTOFactory.sol

@@ -30,7 +30,7 @@ contract CappedSTOFactory is ModuleFactory {
      */
     function deploy(bytes _data) external returns(address) {
         if(setupCost > 0)
-            require(polyToken.transferFrom(msg.sender, owner, setupCost), "Sufficent Allowance is not provided");
+            require(polyToken.transferFrom(msg.sender, owner(), setupCost), "Sufficent Allowance is not provided");
         //Check valid bytes - can only call module init function
         CappedSTO cappedSTO = new CappedSTO(msg.sender, address(polyToken));
         //Checks that _data is valid (not calling anything it shouldn't)

contracts/modules/STO/DummySTOFactory.sol

@@ -29,7 +29,7 @@ contract DummySTOFactory is ModuleFactory {
      */
     function deploy(bytes _data) external returns(address) {
         if (setupCost > 0)
-            require(polyToken.transferFrom(msg.sender, owner, setupCost), "Sufficent Allowance is not provided");
+            require(polyToken.transferFrom(msg.sender, owner(), setupCost), "Sufficent Allowance is not provided");
         //Check valid bytes - can only call module init function
         DummySTO dummySTO = new DummySTO(msg.sender, address(polyToken));
         //Checks that _data is valid (not calling anything it shouldn't)

contracts/modules/STO/ISTO.sol

@@ -2,7 +2,7 @@ pragma solidity ^0.4.24;
 
 import "../../Pausable.sol";
 import "../Module.sol";
-import "../../interfaces/IERC20.sol";
+import "openzeppelin-solidity/contracts/token/ERC20/IERC20.sol";
 import "openzeppelin-solidity/contracts/math/SafeMath.sol";
 
 /**

contracts/modules/STO/PreSaleSTOFactory.sol

@@ -31,7 +31,7 @@ contract PreSaleSTOFactory is ModuleFactory {
      */
     function deploy(bytes _data) external returns(address) {
         if (setupCost > 0) {
-            require(polyToken.transferFrom(msg.sender, owner, setupCost), "Sufficent Allowance is not provided");
+            require(polyToken.transferFrom(msg.sender, owner(), setupCost), "Sufficent Allowance is not provided");
         }
         //Check valid bytes - can only call module init function
         PreSaleSTO preSaleSTO = new PreSaleSTO(msg.sender, address(polyToken));

contracts/modules/STO/USDTieredSTO.sol

@@ -6,7 +6,7 @@ import "../../interfaces/IOracle.sol";
 import "../../RegistryUpdater.sol";
 import "../../libraries/DecimalMath.sol";
 import "openzeppelin-solidity/contracts/math/SafeMath.sol";
-import "openzeppelin-solidity/contracts/ReentrancyGuard.sol";
+import "openzeppelin-solidity/contracts/utils/ReentrancyGuard.sol";
 
 /**
  * @title STO module for standard capped crowdsale
@@ -434,7 +434,7 @@ contract USDTieredSTO is ISTO, ReentrancyGuard {
         require(_investmentValue > 0, "No funds were sent");
 
         uint256 investedUSD = DecimalMath.mul(_rate, _investmentValue);
-        uint256 originalUSD = investedUSD;
+        uint256 spentValue = investedUSD;
 
         // Check for minimum investment
         require(investedUSD.add(investorInvestedUSD[_beneficiary]) >= minimumInvestmentUSD, "Total investment < minimumInvestmentUSD");
@@ -469,11 +469,10 @@ contract USDTieredSTO is ISTO, ReentrancyGuard {
         }
 
         // Calculate spent in base currency (ETH, DAI or POLY)
-        uint256 spentValue;
         if (spentUSD == 0) {
             spentValue = 0;
         } else {
-            spentValue = DecimalMath.mul(DecimalMath.div(spentUSD, originalUSD), _investmentValue);
+            spentValue = DecimalMath.mul(DecimalMath.div(spentUSD, spentValue), _investmentValue);
         }
 
         // Return calculated amounts

contracts/modules/STO/USDTieredSTOFactory.sol

@@ -35,7 +35,7 @@ contract USDTieredSTOFactory is ModuleFactory {
      */
     function deploy(bytes _data) external returns(address) {
         if(setupCost > 0)
-            require(polyToken.transferFrom(msg.sender, owner, setupCost), "Sufficent Allowance is not provided");
+            require(polyToken.transferFrom(msg.sender, owner(), setupCost), "Sufficent Allowance is not provided");
         require(USDTieredSTOProxyAddress != address(0), "Proxy contract should be pre-set");
         //Check valid bytes - can only call module init function
         address usdTieredSTO = IUSDTieredSTOProxy(USDTieredSTOProxyAddress).deploySTO(msg.sender, address(polyToken), address(this));

contracts/modules/TransferManager/CountTransferManagerFactory.sol

@@ -31,7 +31,7 @@ contract CountTransferManagerFactory is ModuleFactory {
      */
     function deploy(bytes _data) external returns(address) {
         if(setupCost > 0)
-            require(polyToken.transferFrom(msg.sender, owner, setupCost), "Failed transferFrom due to insufficent Allowance provided");
+            require(polyToken.transferFrom(msg.sender, owner(), setupCost), "Failed transferFrom due to insufficent Allowance provided");
         CountTransferManager countTransferManager = new CountTransferManager(msg.sender, address(polyToken));
         require(Util.getSig(_data) == countTransferManager.getInitFunction(), "Provided data is not valid");
         /*solium-disable-next-line security/no-low-level-calls*/

contracts/modules/TransferManager/GeneralTransferManagerFactory.sol

@@ -30,7 +30,7 @@ contract GeneralTransferManagerFactory is ModuleFactory {
      */
     function deploy(bytes /* _data */) external returns(address) {
         if (setupCost > 0)
-            require(polyToken.transferFrom(msg.sender, owner, setupCost), "Failed transferFrom because of sufficent Allowance is not provided");
+            require(polyToken.transferFrom(msg.sender, owner(), setupCost), "Failed transferFrom because of sufficent Allowance is not provided");
         address generalTransferManager = new GeneralTransferManager(msg.sender, address(polyToken));
         /*solium-disable-next-line security/no-block-members*/
         emit GenerateModuleFromFactory(address(generalTransferManager), getName(), address(this), msg.sender, setupCost, now);