Merging 2 repos: foundry-rs/hardhat-foundry-template + abigger87/femplate
- Install
foundryup(toolchain installer):
curl -L https://foundry.paradigm.xyz | bash- Trigger foundry installation:
foundryup🎉 Foundry is installed! 🎉
Anytime you need to get the latest forge or cast binaries,
you can run foundryup.
- Tests are run way faster with Foundry than HardHat: how fast?
- Comes with a number of advanced testing methods:
Fuzz Testing & Differential Testing(incoming: Invariant Testing, Symbolic Execution & Mutation Testing) - Tests written only in solidity
Notes: If for a specific case/scenario needs to be written in JS/TS you will need to use HardHat (along side Foundry)
Update git submodules & install repo's forge libraries
yarn install & git submodule update --init --recursive && forge install Openzeppelin/openzeppelin-contracts foundry-rs/forge-std rari-capital/solmate --no-commit
Create a test file for your contract in the src/tests/ directory.
To learn more about writing tests in Solidity for Foundry, reference Rari Capital's solmate repository created by @transmissions11.
forge test --gas-report --watch
watch allows to trigger test on every change in test files
For internal audits we will use tools like Echidna, Etheno, Manticore, Slither & Rattle.
We also need to check our code against well known vulnerabilities from Not So Smart Contracts repository (included in the image)
docker run -it -v ${PWD}:/share trailofbits/eth-security-toolbox
You might need to change default solc version with:
solc-select use 0.8.13
File of the current folder will be in /share folder of the container. When running a command with slither it look like:
slither /share/src/Token.sol --config-file /share/slither.config.json
First, start Anvil:
anvil
Then run the following script with one of the private keys given to you by Anvil:
forge script scripts/Token.s.sol:DeployToken --fork-url http://localhost:8545 --private-key $PRIVATE_KEY --broadcast -vvvv
Create an .env file based on .env.example & fill it with your data. Then run:
source .env
forge script scripts/Token.s.sol:DeployToken --rpc-url $RPC_URL --private-key $PRIVATE_KEY --broadcast --verify --etherscan-api-key $EXPLORER_KEY -vvvv
Install libraries with Foundry which work with Hardhat. It is always Organization(UserName)/repoName
forge install rari-capital/solmate foundry-rs/forge-std Openzeppelin/openzeppelin-contracts --no-commit # Already in this repo
Updating a library
forge update lib/<dep>
Removing a library
forge update lib/<dep>
Whenever you install new libraries using Foundry, make sure to update your remappings.txt.
Follow steps here to enable HardHat compatibility
Disable completely solhint
// solhint-disable-next-line
Disable some solhint rules
// solhint-disable-next-line no-empty-blocks not-rely-on-time
Disalbe completely solhint
/* solhint-disable */
function transferTo(address to, uint amount) public {
require(tx.origin == owner);
to.call.value(amount)();
}
/* solhint-enable */
Disable some solhint rules
/* solhint-disable avoid-tx-origin not-rely-on-time */
function transferTo(address to, uint amount) public {
require(tx.origin == owner);
to.call.value(amount)();
}
/* solhint-enable avoid-tx-origin not-rely-on-time */
Husky allows to manage git hooks and trigger actions when commiting, e.g. npx prettier writte .
npx husky add .husky/pre-commit "npm test"
git add .husky/pre-commit
reference: doc
Some specific package might need specific hooks:
npx husky add .husky/commit-msg 'npx --no commitlint --edit "$1"'
reference: doc
In order to rebase interactively in your IDE (e.g. VSCode), copy this in your terminal:
git config --global core.editor "code --wait"