# Treasury

### Overview <a href="#overview-10" id="overview-10"></a>

**Treasury** is a minimal yet crucial smart contract that securely stores and allows controlled withdrawals of both native ETH and ERC20 tokens. Owned by a single address, it enforces strict access control on asset movements via `onlyOwner` and mitigates re-entrant calls through `nonReentrant`. This design ensures that only the contract owner can authorize withdrawals and that no re-entrancy exploits can siphon funds.

**Key Attributes**:

1. **Custody of Funds**: Holds ERC20 tokens and ETH in a secure manner.
2. **Restricted Withdrawals**: Only the contract’s owner can withdraw funds, specifying the token address, amount, and recipient.
3. **Non-Reentrant Calls**: Uses `ReentrancyGuard` to prevent complex re-entrancy exploits during withdrawals.

By implementing the `ITreasury` interface, **Treasury** provides a standardized API (the `withdraw` function) and emits an event (`TokenWithdrawn`) whenever funds are moved out.

***

### Inherited Contracts and Interfaces <a href="#inherited-contracts-and-interfaces-10" id="inherited-contracts-and-interfaces-10"></a>

* **Ownable (OpenZeppelin)**\
  Allows the contract to have an owner who can perform restricted operations. In this case, only the owner can call `withdraw`.
* **ReentrancyGuard (OpenZeppelin)**\
  Protects critical functions from re-entrancy attacks. The `withdraw` function uses the `nonReentrant` modifier.
* **ITreasury (Custom Interface)**\
  Declares the `withdraw` function signature and `TokenWithdrawn` event. The contract implements these specifications.

**Additional External References**:

* **SafeERC20, IERC20 (OpenZeppelin)**: Used to safely transfer ERC20 tokens in the `withdraw` function.
* **Address (OpenZeppelin)**: Provides the `sendValue` method for securely transferring ETH.

***

### State Variables <a href="#state-variables-8" id="state-variables-8"></a>

The **Treasury** contract does not introduce mutable storage variables beyond those inherited from its parent classes. However, it defines:

* **`owner (Ownable.sol)`**\
  A variable inherited from **Ownable** indicating the contract owner. Managed internally by the Ownable library’s `_owner` storage variable.

No other custom state variables are defined. The contract relies on the OpenZeppelin libraries for ownership tracking and reentrancy control.

***

### Constructor <a href="#constructor-10" id="constructor-10"></a>

```solidity
constructor(address owner_) Ownable(owner_) {}

```

* **Description**:\
  The constructor takes a single parameter, `owner_`, which designates the address to be assigned as the contract owner via **Ownable**. This ownership implies exclusive access to `withdraw`.
* **Parameters**:
  * `owner_`: The address that will be granted ownership of the contract upon deployment.
* **Effects**:
  * Calls `Ownable(owner_)` constructor to set the provided `owner_` as the owner.
  * No additional logic is performed here.

***

### Fallback Function <a href="#fallback-function" id="fallback-function"></a>

```solidity
receive() external payable {}

```

* **Description**:\
  A receive fallback function that allows the contract to accept native ETH transfers (e.g., via `send` or `transfer` with no calldata). This function does not store or otherwise process the ETH, aside from receiving it into the contract’s balance.

***

### External Functions <a href="#external-functions-6" id="external-functions-6"></a>

#### `withdraw(address token_, uint256 amount_, address recipient_)` <a href="#withdrawaddress-token_-uint256-amount_-address-recipient" id="withdrawaddress-token_-uint256-amount_-address-recipient"></a>

```solidity
function withdraw(
    address token_,
    uint256 amount_,
    address recipient_
)
    external
    onlyOwner
    nonReentrant

```

* **Description**:\
  Allows the contract owner to withdraw either an ERC20 token or native ETH from the treasury to a specified `recipient_`. If `token_` is the zero address (`address(0)`), it indicates a withdrawal of ETH. Otherwise, it withdraws the specified ERC20 token using a safe transfer.
* **Parameters**:
  * `token_`: The address of the ERC20 token to withdraw. If `address(0)`, the function sends ETH instead of tokens.
  * `amount_`: The amount of tokens (or ETH) to withdraw.
  * `recipient_`: The address that will receive the withdrawn tokens or ETH.
* **Checks & Effects**:
  1. The function uses `onlyOwner` to ensure only the contract’s owner can invoke it.
  2. Uses `nonReentrant` from **ReentrancyGuard** to prevent nested re-entrant calls.
  3. If `token_ == address(0)`, uses `Address.sendValue` to send `amount_` of ETH to `recipient_`.
  4. Otherwise, calls `safeTransfer` on `IERC20(token_)` to transfer `amount_` tokens to `recipient_`.
* **Events**:
  * Emits **`TokenWithdrawn(token_, amount_, recipient_)`** upon a successful withdrawal, logging details for transparency.

***

### Events <a href="#events-7" id="events-7"></a>

#### `TokenWithdrawn(address indexed token, uint256 indexed amount, address indexed recipient)` <a href="#tokenwithdrawnaddress-indexed-token-uint256-indexed-amount-address-indexed-recipient" id="tokenwithdrawnaddress-indexed-token-uint256-indexed-amount-address-indexed-recipient"></a>

* **Emitted When**:\
  The `withdraw` function completes successfully, whether removing ETH or ERC20 tokens.
* **Parameters**:
  * `token`: The address of the token being withdrawn. Zero address if ETH.
  * `amount`: The quantity of tokens or ETH withdrawn.
  * `recipient`: The address that received the withdrawn funds.

***

### Summary <a href="#summary-10" id="summary-10"></a>

**Treasury** acts as a straightforward contract for securely holding and releasing ETH or ERC20 tokens under the **EYWA** ecosystem. With **Ownable** restricting `withdraw` calls to the contract owner and **ReentrancyGuard** ensuring robust security, the **Treasury** provides a trustworthy store for tokens:

1. **Secure Custody**: Only an authorized owner can move assets out.
2. **Versatile Withdrawals**: Supports both ETH and arbitrary ERC20 tokens using standardized SafeERC20 operations.
3. **Transparent Logging**: The `TokenWithdrawn` event ensures on-chain traceability of funds outflow.

This minimal approach ensures clarity, security, and traceable control over treasury assets within the **EYWA** framework.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.eywa.fi/developer-documentation/guide-for-developers/technical-documentation-for-eywa-dao-smart-contracts/treasury.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.