From c3d4c786fa73f26c0e4aebbcc2e1539f5f21e8aa Mon Sep 17 00:00:00 2001 From: defiQUG Date: Wed, 22 Apr 2026 14:47:28 -0700 Subject: [PATCH] Standardize deployment env and deployer handling --- scripts/deployment/check-deployment-status.sh | 34 +++---- scripts/deployment/check-env-requirements.sh | 28 +++--- .../check-link-balance-config-ready-chains.sh | 8 +- scripts/deployment/check-mainnet-balances.sh | 26 +++--- scripts/deployment/check-wallet-balances.sh | 37 ++++---- .../complete-config-ready-chains.sh | 28 +++--- ...igure-avalanche-arbitrum-cronos-bridges.sh | 4 +- scripts/deployment/deploy-all-contracts.sh | 8 +- scripts/deployment/deploy-all-from-proxy.sh | 11 +-- scripts/deployment/deploy-all-mainnet.sh | 16 ++-- scripts/deployment/deploy-all-ordered.sh | 58 ++++-------- scripts/deployment/deploy-all-phases.sh | 9 +- scripts/deployment/deploy-all-ready-chains.sh | 8 +- scripts/deployment/deploy-all.sh | 16 ++-- .../deploy-bridges-config-ready-chains.sh | 8 +- scripts/deployment/deploy-bridges-mainnet.sh | 25 ++--- scripts/deployment/deploy-ccip-router.sh | 40 ++++---- .../deployment/deploy-ccip-weth10-bridge.sh | 52 +++++------ .../deployment/deploy-ccip-weth9-bridge.sh | 52 +++++------ .../deployment/deploy-contracts-once-ready.sh | 11 +-- .../deployment/deploy-contracts-ordered.sh | 20 +--- .../deployment/deploy-contracts-parallel.sh | 31 ++----- .../deployment/deploy-contracts-unified.sh | 17 ++-- .../deploy-mainnet-tether-mirror.sh | 30 ++---- scripts/deployment/deploy-multicall.sh | 20 ++-- scripts/deployment/deploy-multisig.sh | 6 +- .../deployment/deploy-optional-future-all.sh | 9 +- .../deploy-phase2-and-contracts-parallel.sh | 11 +-- .../deployment/deploy-phase2-from-proxy.sh | 10 -- .../deploy-sufficient-balance-chains.sh | 10 +- .../deploy-vault-system-and-ac-vdc-sdc.sh | 6 +- scripts/deployment/deploy-weth-create.sh | 9 +- scripts/deployment/deploy-weth-create2.sh | 9 +- scripts/deployment/deploy-weth-unified.sh | 36 +++++-- scripts/deployment/deploy-weth-with-ccip.sh | 54 +++++------ scripts/deployment/deploy-weth.sh | 20 ++-- scripts/deployment/deploy-weth10.sh | 20 ++-- .../deployment/dry-run-mainnet-deployment.sh | 29 ++---- scripts/deployment/fix-nonce-and-retry.sh | 3 +- scripts/deployment/get-wallet-address.sh | 26 ++---- .../list-deployer-tokens-all-networks.sh | 6 +- .../preflight-config-ready-chains.sh | 10 +- .../deployment/run-e2e-trustless-live-test.sh | 5 +- .../seed-chain138-canonical-pmm-pools.sh | 5 +- scripts/deployment/start-deployment.sh | 20 ++-- .../sync-chain138-pmm-pools-from-json.sh | 8 +- .../deployment/verify-contract-etherscan.sh | 11 +-- .../deployment/verify-contract-ownership.sh | 9 +- .../deployment/verify-contracts-parallel.sh | 15 +-- scripts/deployment/verify-env.sh | 8 +- scripts/lib/deployment/dotenv.sh | 93 ++++++++++++++++--- 51 files changed, 424 insertions(+), 621 deletions(-) diff --git a/scripts/deployment/check-deployment-status.sh b/scripts/deployment/check-deployment-status.sh index 3731c5d..2739c53 100755 --- a/scripts/deployment/check-deployment-status.sh +++ b/scripts/deployment/check-deployment-status.sh @@ -30,22 +30,11 @@ fi log_info "=== Deployment Status Check ===" -# Check .env file -if [ ! -f .env ]; then - log_error "❌ .env file not found" - echo "Please create .env file with required variables" - exit 1 -fi - -log_success "✅ .env file exists" - -# Load environment variables -source .env - # Check RPC endpoint +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-}}}" if [ -z "$RPC_URL" ]; then - log_error "❌ RPC_URL not set in .env" - echo "Please set RPC_URL in .env file" + log_error "❌ Chain 138 RPC not configured" + echo "Set RPC_URL, RPC_URL_138, or CHAIN138_RPC_URL." else log_success "✅ RPC_URL configured: ${RPC_URL}" @@ -68,9 +57,9 @@ else fi # Check PRIVATE_KEY -if [ -z "$PRIVATE_KEY" ]; then - log_error "❌ PRIVATE_KEY not set in .env" - echo "Please set PRIVATE_KEY in .env file" +if ! require_private_key_env > /dev/null 2>&1; then + log_error "❌ PRIVATE_KEY not configured" + echo "Set PRIVATE_KEY in smom-dbis-138/.env, repo .env, or ~/.secure-secrets/private-keys.env." else log_success "✅ PRIVATE_KEY configured" fi @@ -110,28 +99,28 @@ else fi # WETH10 -if [ -z "$WETH10_ADDRESS" ] || [ "$WETH10_ADDRESS" = "0x0000000000000000000000000000000000000000" ]; then +if [ -z "${WETH10_ADDRESS:-}" ] || [ "${WETH10_ADDRESS:-}" = "0x0000000000000000000000000000000000000000" ]; then log_warn "⏳ WETH10_ADDRESS: Not deployed" else log_success "✅ WETH10_ADDRESS: ${WETH10_ADDRESS}" fi # CCIPWETH9Bridge -if [ -z "$CCIPWETH9BRIDGE_ADDRESS" ] || [ "$CCIPWETH9BRIDGE_ADDRESS" = "0x0000000000000000000000000000000000000000" ]; then +if [ -z "${CCIPWETH9BRIDGE_ADDRESS:-}" ] || [ "${CCIPWETH9BRIDGE_ADDRESS:-}" = "0x0000000000000000000000000000000000000000" ]; then log_warn "⏳ CCIPWETH9BRIDGE_ADDRESS: Not deployed" else log_success "✅ CCIPWETH9BRIDGE_ADDRESS: ${CCIPWETH9BRIDGE_ADDRESS}" fi # CCIPWETH10Bridge -if [ -z "$CCIPWETH10BRIDGE_ADDRESS" ] || [ "$CCIPWETH10BRIDGE_ADDRESS" = "0x0000000000000000000000000000000000000000" ]; then +if [ -z "${CCIPWETH10BRIDGE_ADDRESS:-}" ] || [ "${CCIPWETH10BRIDGE_ADDRESS:-}" = "0x0000000000000000000000000000000000000000" ]; then log_warn "⏳ CCIPWETH10BRIDGE_ADDRESS: Not deployed" else log_success "✅ CCIPWETH10BRIDGE_ADDRESS: ${CCIPWETH10BRIDGE_ADDRESS}" fi # Oracle Aggregator -if [ -z "$ORACLE_AGGREGATOR_ADDRESS" ] || [ "$ORACLE_AGGREGATOR_ADDRESS" = "0x0000000000000000000000000000000000000000" ]; then +if [ -z "${ORACLE_AGGREGATOR_ADDRESS:-}" ] || [ "${ORACLE_AGGREGATOR_ADDRESS:-}" = "0x0000000000000000000000000000000000000000" ]; then log_warn "⏳ ORACLE_AGGREGATOR_ADDRESS: Not deployed" else log_success "✅ ORACLE_AGGREGATOR_ADDRESS: ${ORACLE_AGGREGATOR_ADDRESS}" @@ -164,11 +153,10 @@ fi # Summary log_info "=== Summary ===" echo "Ready for contract deployment:" -if [ -n "$RPC_URL" ] && [ -n "$PRIVATE_KEY" ]; then +if [ -n "${RPC_URL:-}" ] && [ -n "${PRIVATE_KEY:-}" ]; then log_success "✅ Prerequisites met" echo "Run: ./scripts/deployment/deploy-contracts-ordered.sh" else log_error "❌ Prerequisites not met" echo "Please configure RPC_URL and PRIVATE_KEY in .env" fi - diff --git a/scripts/deployment/check-env-requirements.sh b/scripts/deployment/check-env-requirements.sh index 3abb340..24505b2 100755 --- a/scripts/deployment/check-env-requirements.sh +++ b/scripts/deployment/check-env-requirements.sh @@ -5,19 +5,17 @@ set -e +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" +if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then + # shellcheck disable=SC1090 + source "$SCRIPT_DIR/../lib/deployment/dotenv.sh" + load_deployment_env --repo-root "$PROJECT_ROOT" +fi + echo "=== Environment Variables Requirements Check ===" echo "" -# Check if .env exists -if [ -f .env ]; then - echo "✓ .env file exists" - source .env -else - echo "✗ .env file not found" - echo " Create it from .env.template or manually" - echo "" -fi - echo "" echo "=== Required Variables (Must Be Set) ===" echo "" @@ -32,7 +30,7 @@ REQUIRED_ALL=( MISSING_REQUIRED=() for var in "${REQUIRED_ALL[@]}"; do - if [ -z "${!var}" ] || [ "${!var}" == "0x..." ] || [ "${!var}" == "your_etherscan_api_key" ] || [ "${!var}" == "http://chain138.example.com:8545" ]; then + if [ -z "${!var:-}" ] || [ "${!var:-}" == "0x..." ] || [ "${!var:-}" == "your_etherscan_api_key" ] || [ "${!var:-}" == "http://chain138.example.com:8545" ]; then echo "✗ $var: NOT SET or using placeholder" MISSING_REQUIRED+=("$var") else @@ -180,6 +178,13 @@ else echo "Please set these variables in .env file before deployment" fi +echo "" +echo "=== External Dependency Blockers ===" +echo "" +if ! bash "$PROJECT_ROOT/scripts/verify/check-external-dependencies.sh" --advisory; then + true +fi + echo "" echo "=== Next Steps ===" echo "" @@ -194,4 +199,3 @@ else fi echo "" - diff --git a/scripts/deployment/check-link-balance-config-ready-chains.sh b/scripts/deployment/check-link-balance-config-ready-chains.sh index bc4aa33..b54a256 100755 --- a/scripts/deployment/check-link-balance-config-ready-chains.sh +++ b/scripts/deployment/check-link-balance-config-ready-chains.sh @@ -35,12 +35,8 @@ CRONOS_RPC="${CRONOS_RPC:-${CRONOS_RPC_URL:-https://evm.cronos.org}}" CELO_RPC="${CELO_RPC:-${CELO_MAINNET_RPC:-https://forno.celo.org}}" WEMIX_RPC="${WEMIX_RPC:-${WEMIX_MAINNET_RPC:-https://api.wemix.com}}" -if [[ -z "${PRIVATE_KEY:-}" ]]; then - echo "Error: Set PRIVATE_KEY in .env" >&2 - exit 1 -fi -DEPLOYER=$(cast wallet address "$PRIVATE_KEY" 2>/dev/null || true) -[[ -z "$DEPLOYER" ]] && { echo "Error: Could not derive deployer from PRIVATE_KEY" >&2; exit 1; } +DEPLOYER="${DEPLOYER_ADDRESS:-$(derive_deployer_address 2>/dev/null || true)}" +[[ -z "$DEPLOYER" ]] && { echo "Error: Set PRIVATE_KEY or DEPLOYER_ADDRESS in env before checking LINK balances." >&2; exit 1; } RED='\033[0;31m' GREEN='\033[0;32m' diff --git a/scripts/deployment/check-mainnet-balances.sh b/scripts/deployment/check-mainnet-balances.sh index d3ef23a..be218f7 100755 --- a/scripts/deployment/check-mainnet-balances.sh +++ b/scripts/deployment/check-mainnet-balances.sh @@ -7,7 +7,6 @@ set -e SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" source "$SCRIPT_DIR/../lib/init.sh" PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" -# Load .env via dotenv (RPC CR/LF trim). Fallback: raw source. if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then # shellcheck disable=SC1090 source "$SCRIPT_DIR/../lib/deployment/dotenv.sh" @@ -24,15 +23,6 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi - -# Load environment variables -if [ -f "$PROJECT_ROOT/.env" ]; then - source "$PROJECT_ROOT/.env" -else - log_error "Error: .env file not found" - exit 1 -fi - log_info "=== Mainnet Wallet Balance Check ===" # Check if cast is available @@ -42,20 +32,20 @@ if ! command -v cast &> /dev/null; then fi # Get wallet address from private key -if [ -z "$PRIVATE_KEY" ]; then - log_error "Error: PRIVATE_KEY not set in .env" +if ! require_private_key_env; then exit 1 fi -WALLET_ADDRESS=$(cast wallet address --private-key "$PRIVATE_KEY" 2>/dev/null || echo "") +WALLET_ADDRESS="$(derive_deployer_address || true)" if [ -z "$WALLET_ADDRESS" ]; then - log_error "Error: Could not derive address from private key" + log_error "ERROR: Could not derive DEPLOYER_ADDRESS from PRIVATE_KEY." exit 1 fi log_info "Wallet Address: $WALLET_ADDRESS" # Mainnet RPC +MAINNET_RPC_URL="${MAINNET_RPC_URL:-${ETHEREUM_MAINNET_RPC:-}}" if [ -z "$MAINNET_RPC_URL" ]; then MAINNET_RPC_URL="https://eth.llamarpc.com" fi @@ -66,6 +56,7 @@ MAINNET_LINK="0x514910771AF9Ca656af840dff83E8264EcF986CA" # Required amounts ETH_RECOMMENDED="50000000000000000" # 0.05 ETH LINK_RECOMMENDED="10000000000000000000" # 10 LINK +ETH_REQUIRED="${ETH_REQUIRED:-${MAINNET_ETH_REQUIRED:-25000000000000000}}" # 0.025 ETH log_info "=== Mainnet ETH Balance ===" @@ -94,6 +85,13 @@ log_info "=== Mainnet LINK Balance ===" # Check LINK balance LINK_BALANCE=$(cast call "$MAINNET_LINK" "balanceOf(address)(uint256)" "$WALLET_ADDRESS" --rpc-url "$MAINNET_RPC_URL" 2>/dev/null || echo "0") +if [[ "$LINK_BALANCE" =~ ^0x ]]; then + LINK_BALANCE=$(cast --to-dec "$LINK_BALANCE" 2>/dev/null || echo "0") +fi +LINK_BALANCE="$(printf '%s' "$LINK_BALANCE" | tr -d '\r\n[:space:]')" +if [[ -z "$LINK_BALANCE" || ! "$LINK_BALANCE" =~ ^[0-9]+$ ]]; then + LINK_BALANCE="0" +fi if [ "$LINK_BALANCE" != "0" ] && [ -n "$LINK_BALANCE" ]; then LINK_AMOUNT=$(cast --to-unit "$LINK_BALANCE" ether 2>/dev/null || echo "0") diff --git a/scripts/deployment/check-wallet-balances.sh b/scripts/deployment/check-wallet-balances.sh index a1a78a7..99e44be 100755 --- a/scripts/deployment/check-wallet-balances.sh +++ b/scripts/deployment/check-wallet-balances.sh @@ -8,7 +8,6 @@ set -e SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" source "$SCRIPT_DIR/../lib/init.sh" PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" -# Load .env via dotenv (RPC CR/LF trim). Fallback: raw source. if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then # shellcheck disable=SC1090 source "$SCRIPT_DIR/../lib/deployment/dotenv.sh" @@ -25,18 +24,13 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi -# Colors - -# Load environment variables -if [ -f "$PROJECT_ROOT/.env" ]; then - source "$PROJECT_ROOT/.env" -else - log_error "Error: .env file not found" - exit 1 -fi - log_info "=== Pre-Deployment Wallet Balance Check ===" +: "${MAINNET_ETH_REQUIRED:=25000000000000000}" # 0.025 ETH +: "${MAINNET_LINK_REQUIRED:=0}" +: "${CHAIN138_ETH_REQUIRED:=0}" +: "${CHAIN138_LINK_REQUIRED:=0}" + # Required amounts (in wei, then converted) # Check if cast is available @@ -46,14 +40,13 @@ if ! command -v cast &> /dev/null; then fi # Get wallet address from private key -if [ -z "$PRIVATE_KEY" ]; then - log_error "Error: PRIVATE_KEY not set in .env" +if ! require_private_key_env; then exit 1 fi -WALLET_ADDRESS=$(cast wallet address --private-key "$PRIVATE_KEY" 2>/dev/null || echo "") +WALLET_ADDRESS="$(derive_deployer_address || true)" if [ -z "$WALLET_ADDRESS" ]; then - log_error "Error: Could not derive address from PRIVATE_KEY" + log_error "ERROR: Could not derive DEPLOYER_ADDRESS from PRIVATE_KEY." exit 1 fi @@ -75,7 +68,15 @@ check_balance() { # Check ERC20 token balance balance=$(cast call "$token_address" "balanceOf(address)(uint256)" "$address" --rpc-url "$rpc_url" 2>/dev/null || echo "0") fi - + + if [[ "$balance" =~ ^0x ]]; then + balance=$(cast --to-dec "$balance" 2>/dev/null || echo "0") + fi + balance="$(printf '%s' "$balance" | tr -d '\r\n[:space:]')" + if [[ -z "$balance" || ! "$balance" =~ ^[0-9]+$ ]]; then + balance="0" + fi + if [ "$balance" == "0" ] || [ -z "$balance" ]; then balance="0" fi @@ -123,6 +124,7 @@ check_balance() { # Check Mainnet balances log_info "=== Ethereum Mainnet Balances ===" +MAINNET_RPC_URL="${MAINNET_RPC_URL:-${ETHEREUM_MAINNET_RPC:-}}" if [ -z "$MAINNET_RPC_URL" ]; then MAINNET_RPC_URL="https://eth.llamarpc.com" log_warn "Using default Mainnet RPC: $MAINNET_RPC_URL" @@ -150,8 +152,9 @@ fi # Check ChainID 138 balances log_info "=== ChainID 138 Balances ===" +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-}}}" if [ -z "$RPC_URL" ]; then - log_error "Error: RPC_URL not set in .env" + log_error "ERROR: Chain 138 RPC not available. Set RPC_URL, RPC_URL_138, or CHAIN138_RPC_URL." exit 1 fi diff --git a/scripts/deployment/complete-config-ready-chains.sh b/scripts/deployment/complete-config-ready-chains.sh index 2bff125..8099ece 100755 --- a/scripts/deployment/complete-config-ready-chains.sh +++ b/scripts/deployment/complete-config-ready-chains.sh @@ -40,24 +40,19 @@ CRONOS_RPC="${CRONOS_RPC:-${CRONOS_RPC_URL:-https://evm.cronos.org}}" CELO_RPC="${CELO_RPC:-${CELO_MAINNET_RPC:-https://forno.celo.org}}" WEMIX_RPC="${WEMIX_RPC:-${WEMIX_MAINNET_RPC:-https://api.wemix.com}}" -PRIVATE_KEY="${PRIVATE_KEY:-}" -if [[ -n "$PRIVATE_KEY" && ! "$PRIVATE_KEY" =~ ^0x ]]; then - PRIVATE_KEY="0x$PRIVATE_KEY" -fi - # Chain 138 bridge addresses (required) -WETH9_138=$(grep "CCIPWETH9_BRIDGE_CHAIN138=" "$PROJECT_ROOT/.env" 2>/dev/null | cut -d'=' -f2 | tr -d ' "\r\n' || echo "${CCIPWETH9_BRIDGE_CHAIN138:-}") -WETH10_138=$(grep "CCIPWETH10_BRIDGE_CHAIN138=" "$PROJECT_ROOT/.env" 2>/dev/null | cut -d'=' -f2 | tr -d ' "\r\n' || echo "${CCIPWETH10_BRIDGE_CHAIN138:-}") +WETH9_138="${CCIPWETH9_BRIDGE_CHAIN138:-}" +WETH10_138="${CCIPWETH10_BRIDGE_CHAIN138:-}" # Config-ready chain bridge addresses (optional; if set, we configure them) -WETH9_GNOSIS=$(grep "CCIPWETH9_BRIDGE_GNOSIS=" "$PROJECT_ROOT/.env" 2>/dev/null | cut -d'=' -f2 | tr -d ' "\r\n' || echo "${CCIPWETH9_BRIDGE_GNOSIS:-}") -WETH10_GNOSIS=$(grep "CCIPWETH10_BRIDGE_GNOSIS=" "$PROJECT_ROOT/.env" 2>/dev/null | cut -d'=' -f2 | tr -d ' "\r\n' || echo "${CCIPWETH10_BRIDGE_GNOSIS:-}") -WETH9_CRONOS=$(grep "CCIPWETH9_BRIDGE_CRONOS=" "$PROJECT_ROOT/.env" 2>/dev/null | cut -d'=' -f2 | tr -d ' "\r\n' || echo "${CCIPWETH9_BRIDGE_CRONOS:-}") -WETH10_CRONOS=$(grep "CCIPWETH10_BRIDGE_CRONOS=" "$PROJECT_ROOT/.env" 2>/dev/null | cut -d'=' -f2 | tr -d ' "\r\n' || echo "${CCIPWETH10_BRIDGE_CRONOS:-}") -WETH9_CELO=$(grep "CCIPWETH9_BRIDGE_CELO=" "$PROJECT_ROOT/.env" 2>/dev/null | cut -d'=' -f2 | tr -d ' "\r\n' || echo "${CCIPWETH9_BRIDGE_CELO:-}") -WETH10_CELO=$(grep "CCIPWETH10_BRIDGE_CELO=" "$PROJECT_ROOT/.env" 2>/dev/null | cut -d'=' -f2 | tr -d ' "\r\n' || echo "${CCIPWETH10_BRIDGE_CELO:-}") -WETH9_WEMIX=$(grep "CCIPWETH9_BRIDGE_WEMIX=" "$PROJECT_ROOT/.env" 2>/dev/null | cut -d'=' -f2 | tr -d ' "\r\n' || echo "${CCIPWETH9_BRIDGE_WEMIX:-}") -WETH10_WEMIX=$(grep "CCIPWETH10_BRIDGE_WEMIX=" "$PROJECT_ROOT/.env" 2>/dev/null | cut -d'=' -f2 | tr -d ' "\r\n' || echo "${CCIPWETH10_BRIDGE_WEMIX:-}") +WETH9_GNOSIS="${CCIPWETH9_BRIDGE_GNOSIS:-}" +WETH10_GNOSIS="${CCIPWETH10_BRIDGE_GNOSIS:-}" +WETH9_CRONOS="${CCIPWETH9_BRIDGE_CRONOS:-}" +WETH10_CRONOS="${CCIPWETH10_BRIDGE_CRONOS:-}" +WETH9_CELO="${CCIPWETH9_BRIDGE_CELO:-}" +WETH10_CELO="${CCIPWETH10_BRIDGE_CELO:-}" +WETH9_WEMIX="${CCIPWETH9_BRIDGE_WEMIX:-}" +WETH10_WEMIX="${CCIPWETH10_BRIDGE_WEMIX:-}" # Besu eth_call via `cast call` can return -32602; lowercase 20-byte addresses avoids some failures on sends. WETH9_138="${WETH9_138,,}" @@ -72,8 +67,7 @@ if [[ -z "$WETH9_138" || -z "$WETH10_138" ]]; then exit 1 fi -if [[ -z "$PRIVATE_KEY" ]]; then - echo "Error: PRIVATE_KEY not set in .env" >&2 +if ! require_private_key_env; then exit 1 fi diff --git a/scripts/deployment/configure-avalanche-arbitrum-cronos-bridges.sh b/scripts/deployment/configure-avalanche-arbitrum-cronos-bridges.sh index 43ffaa2..5b0ba56 100755 --- a/scripts/deployment/configure-avalanche-arbitrum-cronos-bridges.sh +++ b/scripts/deployment/configure-avalanche-arbitrum-cronos-bridges.sh @@ -59,7 +59,6 @@ _gas138="--legacy --gas-limit 250000 --gas-price 2000000000" _gas_remote="--legacy --gas-limit 400000" PRIVATE_KEY="${PRIVATE_KEY:-}" -[[ -n "$PRIVATE_KEY" && ! "$PRIVATE_KEY" =~ ^0x ]] && PRIVATE_KEY="0x$PRIVATE_KEY" DRY_RUN="${DRY_RUN:-0}" RED='\033[0;31m' @@ -86,8 +85,7 @@ run_or_echo() { echo -e "${GREEN}=== Avalanche/Arbitrum/Cronos ↔ Chain 138 Bridge Configuration ===${NC}" echo "" -if [[ -z "$PRIVATE_KEY" ]]; then - echo -e "${RED}ERROR: PRIVATE_KEY not set${NC}" +if ! require_private_key_env; then exit 1 fi diff --git a/scripts/deployment/deploy-all-contracts.sh b/scripts/deployment/deploy-all-contracts.sh index 256ad13..e24ecc2 100755 --- a/scripts/deployment/deploy-all-contracts.sh +++ b/scripts/deployment/deploy-all-contracts.sh @@ -27,16 +27,10 @@ RPC_URL="${RPC_URL_138:-http://localhost:8545}" GAS_PRICE="${GAS_PRICE:-1000000000}" PRIVATE_KEY="${PRIVATE_KEY:-}" -if [ -z "$PRIVATE_KEY" ]; then - echo "Error: PRIVATE_KEY environment variable not set" +if ! require_private_key_env; then exit 1 fi -# Ensure PRIVATE_KEY has 0x prefix -if [[ ! "$PRIVATE_KEY" =~ ^0x ]]; then - export PRIVATE_KEY="0x$PRIVATE_KEY" -fi - echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "Deploy All Contracts" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" diff --git a/scripts/deployment/deploy-all-from-proxy.sh b/scripts/deployment/deploy-all-from-proxy.sh index e250fa7..372ef9b 100755 --- a/scripts/deployment/deploy-all-from-proxy.sh +++ b/scripts/deployment/deploy-all-from-proxy.sh @@ -29,18 +29,9 @@ echo "Phase 2 Complete Deployment from Proxy Host" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "" -# Check if .env exists -if [ ! -f .env ]; then - echo "❌ Error: .env file not found" - echo "Please ensure .env is in $PROJECT_ROOT" - exit 1 -fi - -source .env - # Verify SSH key if [ -z "$SSH_PRIVATE_KEY_PATH" ]; then - echo "❌ Error: SSH_PRIVATE_KEY_PATH not set in .env" + echo "ERROR: SSH_PRIVATE_KEY_PATH not available. Set it in smom-dbis-138/.env or repo .env." >&2 exit 1 fi diff --git a/scripts/deployment/deploy-all-mainnet.sh b/scripts/deployment/deploy-all-mainnet.sh index d3c7e98..80ee3a6 100755 --- a/scripts/deployment/deploy-all-mainnet.sh +++ b/scripts/deployment/deploy-all-mainnet.sh @@ -25,15 +25,6 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi - -# Load environment variables -if [ -f "$PROJECT_ROOT/.env" ]; then - source "$PROJECT_ROOT/.env" -else - log_error "Error: .env file not found" - exit 1 -fi - log_info "=== Ethereum Mainnet Deployment ===" # Check wallet balances first (warning only) @@ -55,7 +46,12 @@ if [[ "$MAINNET_RPC" == *"infura.io"* ]] && [[ -n "${INFURA_PROJECT_SECRET:-}" ] _with_auth=$(build_infura_rpc "mainnet" 2>/dev/null || true) [[ -n "$_with_auth" ]] && MAINNET_RPC="$_with_auth" && log_info "Using Infura Mainnet RPC with Basic Auth" fi -MAINNET_PRIVATE_KEY="${PRIVATE_KEY}" +MAINNET_PRIVATE_KEY="${MAINNET_PRIVATE_KEY:-${PRIVATE_KEY:-}}" +export PRIVATE_KEY="$MAINNET_PRIVATE_KEY" +if ! require_private_key_env "Set MAINNET_PRIVATE_KEY or PRIVATE_KEY in smom-dbis-138/.env, repo .env, or ~/.secure-secrets/private-keys.env."; then + exit 1 +fi +MAINNET_PRIVATE_KEY="$PRIVATE_KEY" MAINNET_CCIP_ROUTER="${MAINNET_CCIP_ROUTER:-0x80226fc0Ee2b096224EeAc085Bb9a8cba1146f7D}" # Official Chainlink CCIP Router MAINNET_LINK_TOKEN="${MAINNET_LINK_TOKEN:-0x514910771AF9Ca656af840dff83E8264EcF986CA}" WETH9_ADDRESS="0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2" diff --git a/scripts/deployment/deploy-all-ordered.sh b/scripts/deployment/deploy-all-ordered.sh index 8550860..e620450 100755 --- a/scripts/deployment/deploy-all-ordered.sh +++ b/scripts/deployment/deploy-all-ordered.sh @@ -30,36 +30,17 @@ fi log_info "=== Deploy All Contracts in Proper Order ===" -# Check if .env exists -if [ ! -f .env ]; then - log_error "Error: .env file not found" - echo "Creating .env from .env.example..." - if [ -f .env.example ]; then - cp .env.example .env - log_success "✅ Created .env from .env.example" - log_warn "Please configure .env with your values before continuing" - exit 1 - else - log_error "Error: .env.example not found" - exit 1 - fi -fi - -# Load environment variables -source .env - -# Check PRIVATE_KEY -if [ -z "$PRIVATE_KEY" ]; then - log_error "Error: PRIVATE_KEY not set in .env" +if ! require_private_key_env; then exit 1 fi # Check RPC_URL +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-}}}" if [ -z "$RPC_URL" ]; then - log_warn "RPC_URL not set in .env" + log_warn "Chain 138 RPC not configured" log_warn "Options:" echo "1. Start local Anvil testnet (for testing)" - echo "2. Set RPC_URL to existing blockchain endpoint" + echo "2. Set RPC_URL/RPC_URL_138 to existing blockchain endpoint" echo "3. Deploy blockchain infrastructure first (Azure/Kubernetes)" read -p "Choose option (1/2/3): " choice @@ -74,30 +55,12 @@ if [ -z "$RPC_URL" ]; then # Set RPC_URL RPC_URL="http://localhost:8545" - update_env() { - local key=$1 - local value=$2 - if grep -q "^${key}=" .env; then - sed -i "s|^${key}=.*|${key}=${value}|" .env - else - echo "${key}=${value}" >> .env - fi - } update_env "RPC_URL" "$RPC_URL" log_success "✅ RPC_URL set to: ${RPC_URL}" log_warn "Note: Anvil is running in background. Kill it with: kill $ANVIL_PID" ;; 2) read -p "Enter RPC URL: " RPC_URL - update_env() { - local key=$1 - local value=$2 - if grep -q "^${key}=" .env; then - sed -i "s|^${key}=.*|${key}=${value}|" .env - else - echo "${key}=${value}" >> .env - fi - } update_env "RPC_URL" "$RPC_URL" log_success "✅ RPC_URL set to: ${RPC_URL}" ;; @@ -116,6 +79,17 @@ if [ -z "$RPC_URL" ]; then esac fi +update_env() { + local key=$1 + local value=$2 + if grep -q "^${key}=" .env 2>/dev/null; then + sed -i "s|^${key}=.*|${key}=${value}|" .env + else + echo "${key}=${value}" >> .env + fi + log_success "✅ Updated .env: ${key}=${value}" +} + # Verify RPC endpoint is accessible log_warn "Verifying RPC endpoint..." if ! curl -s -X POST "$RPC_URL" -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' > /dev/null 2>&1; then @@ -200,7 +174,7 @@ if [ -z "$CCIP_FEE_TOKEN" ] || [ "$CCIP_FEE_TOKEN" = "0x000000000000000000000000 # Fund deployer with LINK tokens log_warn "Funding deployer with LINK tokens..." - DEPLOYER_ADDRESS=$(cast wallet address --private-key "$PRIVATE_KEY" 2>/dev/null || echo "") + DEPLOYER_ADDRESS="$(derive_deployer_address || true)" if [ -n "$DEPLOYER_ADDRESS" ]; then cast send "$CCIP_FEE_TOKEN" "mint(address,uint256)" "$DEPLOYER_ADDRESS" "1000000e18" \ --rpc-url "$RPC_URL" \ diff --git a/scripts/deployment/deploy-all-phases.sh b/scripts/deployment/deploy-all-phases.sh index 22d0c8b..2740d71 100755 --- a/scripts/deployment/deploy-all-phases.sh +++ b/scripts/deployment/deploy-all-phases.sh @@ -32,12 +32,6 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi -if [ -f .env ]; then - set -a - source .env - set +a -fi - RPC="${RPC_URL_138:-http://192.168.11.211:8545}" GAS_PRICE="${GAS_PRICE_138:-1000000000}" DRY_RUN="" @@ -56,8 +50,7 @@ while [ $# -gt 0 ]; do shift done -if [ -z "${PRIVATE_KEY:-}" ]; then - echo "ERROR: PRIVATE_KEY not set in .env" +if ! require_private_key_env; then exit 1 fi diff --git a/scripts/deployment/deploy-all-ready-chains.sh b/scripts/deployment/deploy-all-ready-chains.sh index cbc9287..a7a4689 100755 --- a/scripts/deployment/deploy-all-ready-chains.sh +++ b/scripts/deployment/deploy-all-ready-chains.sh @@ -25,11 +25,6 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi -# Source environment -if [ -f .env ]; then - source .env -fi - # Colors GREEN='\033[0;32m' YELLOW='\033[1;33m' @@ -43,8 +38,7 @@ echo -e "${BLUE}========================================${NC}" echo "" # Check prerequisites -if [ -z "${PRIVATE_KEY:-}" ]; then - echo -e "${RED}✗ PRIVATE_KEY not set in .env${NC}" +if ! require_private_key_env; then exit 1 fi diff --git a/scripts/deployment/deploy-all.sh b/scripts/deployment/deploy-all.sh index 417b3f7..4a26f8c 100755 --- a/scripts/deployment/deploy-all.sh +++ b/scripts/deployment/deploy-all.sh @@ -29,16 +29,6 @@ fi DEPLOYMENT_LOG="${PROJECT_ROOT}/deployment.log" CONTRACT_ADDRESSES_FILE="${PROJECT_ROOT}/contracts-deployed.json" -# Load environment variables -if [ -f "${PROJECT_ROOT}/.env" ]; then - set -a - source "${PROJECT_ROOT}/.env" - set +a -else - log_error "Error: .env file not found. Please create .env file from .env.example" - exit 1 -fi - # Logging function log() { log_success "[$(date +'%Y-%m-%d %H:%M:%S')] $1" | tee -a "$DEPLOYMENT_LOG" @@ -132,6 +122,12 @@ check_prerequisites() { error "Required environment variable $var is not set" fi done + + if [ "$SKIP_CONTRACTS" != "true" ]; then + export RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-}}}" + require_private_key_env || exit 1 + [[ -n "${RPC_URL:-}" ]] || error "Required environment variable RPC_URL is not set" + fi if [ $missing -eq 0 ]; then log "All prerequisites met" diff --git a/scripts/deployment/deploy-bridges-config-ready-chains.sh b/scripts/deployment/deploy-bridges-config-ready-chains.sh index 9908ed4..3bb0c05 100755 --- a/scripts/deployment/deploy-bridges-config-ready-chains.sh +++ b/scripts/deployment/deploy-bridges-config-ready-chains.sh @@ -41,6 +41,10 @@ SIMULATE="${SIMULATE:-0}" PREFLIGHT="${PREFLIGHT:-1}" CHAIN="${1:-all}" +if [[ "$DRY_RUN" != "1" && "$SIMULATE" != "1" ]] && ! require_private_key_env; then + exit 1 +fi + # Per-chain env for DeployWETHBridges: RPC_URL, CCIP_ROUTER_ADDRESS, LINK_TOKEN_ADDRESS, WETH9_ADDRESS, WETH10_ADDRESS (0x0 to skip) run_deploy() { local chain_name="$1" @@ -59,10 +63,6 @@ run_deploy() { echo " Skip $chain_name: set ${rpc_var} and ${router_var} in .env" return 0 fi - if [[ -z "${PRIVATE_KEY:-}" ]]; then - echo " Skip $chain_name: PRIVATE_KEY not set" - return 0 - fi if [[ -z "$weth9" || -z "$weth10" ]]; then echo " Skip $chain_name: set ${weth9_var} and ${weth10_var} in .env (native wrapped token addresses from chain)" return 0 diff --git a/scripts/deployment/deploy-bridges-mainnet.sh b/scripts/deployment/deploy-bridges-mainnet.sh index 9cb9345..c36ef3c 100755 --- a/scripts/deployment/deploy-bridges-mainnet.sh +++ b/scripts/deployment/deploy-bridges-mainnet.sh @@ -24,15 +24,6 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi - -# Load environment variables -if [ -f "$PROJECT_ROOT/.env" ]; then - source "$PROJECT_ROOT/.env" -else - log_error "Error: .env file not found" - exit 1 -fi - # Canonical addresses WETH9_ADDRESS="0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2" WETH10_ADDRESS="0xf4BB2e28688e89fCcE3c0580D37d36A7672E8A9f" @@ -49,23 +40,21 @@ fi log_success "✅ Wallet balances sufficient" # Check required variables +MAINNET_RPC_URL="${MAINNET_RPC_URL:-${ETHEREUM_MAINNET_RPC:-}}" if [ -z "$MAINNET_RPC_URL" ]; then MAINNET_RPC_URL="https://eth.llamarpc.com" log_warn "Using default Mainnet RPC: $MAINNET_RPC_URL" fi -if [ -z "$MAINNET_PRIVATE_KEY" ]; then - if [ -n "$PRIVATE_KEY" ]; then - MAINNET_PRIVATE_KEY="$PRIVATE_KEY" - log_warn "Using PRIVATE_KEY for Mainnet deployment" - else - log_error "Error: MAINNET_PRIVATE_KEY or PRIVATE_KEY not set" - exit 1 - fi +MAINNET_PRIVATE_KEY="${MAINNET_PRIVATE_KEY:-${PRIVATE_KEY:-}}" +export PRIVATE_KEY="$MAINNET_PRIVATE_KEY" +if ! require_private_key_env "Set MAINNET_PRIVATE_KEY or PRIVATE_KEY in smom-dbis-138/.env, repo .env, or ~/.secure-secrets/private-keys.env."; then + exit 1 fi +MAINNET_PRIVATE_KEY="$PRIVATE_KEY" if [ -z "$MAINNET_CCIP_ROUTER" ]; then - log_error "Error: MAINNET_CCIP_ROUTER not set" + log_error "ERROR: MAINNET_CCIP_ROUTER not set" exit 1 fi diff --git a/scripts/deployment/deploy-ccip-router.sh b/scripts/deployment/deploy-ccip-router.sh index a6e659d..f403ae2 100755 --- a/scripts/deployment/deploy-ccip-router.sh +++ b/scripts/deployment/deploy-ccip-router.sh @@ -9,35 +9,13 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" source "$SCRIPT_DIR/../lib/init.sh" PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" -# Load environment variables -if [ -f "$PROJECT_ROOT/.env" ]; then - source "$PROJECT_ROOT/.env" -fi - # Configuration -RPC_URL="${RPC_URL:-http://localhost:8545}" +RPC_URL="${RPC_URL:-}" PRIVATE_KEY="${PRIVATE_KEY:-}" FEE_TOKEN="${FEE_TOKEN:-}" # LINK token address BASE_FEE="${BASE_FEE:-1000000000000000000}" # 1 LINK in wei DATA_FEE_PER_BYTE="${DATA_FEE_PER_BYTE:-1000000000000000}" # 0.001 LINK per byte -if [ -z "$PRIVATE_KEY" ]; then - echo "Error: PRIVATE_KEY environment variable not set" - exit 1 -fi - -if [ -z "$FEE_TOKEN" ]; then - echo "Error: FEE_TOKEN environment variable not set (LINK token address)" - exit 1 -fi - -echo "Deploying CCIP Router..." -echo "RPC URL: $RPC_URL" -echo "Fee Token: $FEE_TOKEN" -echo "Base Fee: $BASE_FEE" -echo "Data Fee Per Byte: $DATA_FEE_PER_BYTE" - -# Deploy using Foundry cd "$PROJECT_ROOT" # Load .env via dotenv (RPC CR/LF trim). Fallback: raw source. if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then @@ -56,6 +34,22 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-http://localhost:8545}}}" +if ! require_private_key_env; then + exit 1 +fi + +if [ -z "$FEE_TOKEN" ]; then + echo "ERROR: FEE_TOKEN not available. Set it in smom-dbis-138/.env or repo .env." >&2 + exit 1 +fi + +echo "Deploying CCIP Router..." +echo "RPC URL: $RPC_URL" +echo "Fee Token: $FEE_TOKEN" +echo "Base Fee: $BASE_FEE" +echo "Data Fee Per Byte: $DATA_FEE_PER_BYTE" + forge script script/DeployCCIPRouter.s.sol \ --rpc-url "$RPC_URL" \ --broadcast \ diff --git a/scripts/deployment/deploy-ccip-weth10-bridge.sh b/scripts/deployment/deploy-ccip-weth10-bridge.sh index ed2a718..792a643 100755 --- a/scripts/deployment/deploy-ccip-weth10-bridge.sh +++ b/scripts/deployment/deploy-ccip-weth10-bridge.sh @@ -8,12 +8,7 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" source "$SCRIPT_DIR/../lib/init.sh" PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" -# Load environment -if [ -f "$PROJECT_ROOT/.env" ]; then - source "$PROJECT_ROOT/.env" -fi - -RPC_URL="${RPC_URL:-http://localhost:8545}" +RPC_URL="${RPC_URL:-}" PRIVATE_KEY="${PRIVATE_KEY:-}" # CCIP Configuration @@ -23,29 +18,7 @@ CCIP_FEE_TOKEN="${CCIP_FEE_TOKEN:-}" # LINK token address # WETH10 address (canonical Mainnet address or deployed address) WETH10_ADDRESS="${WETH10_ADDRESS:-0xf4BB2e28688e89fCcE3c0580D37d36A7672E8A9F}" -if [ -z "$PRIVATE_KEY" ]; then - echo "Error: PRIVATE_KEY environment variable not set" - exit 1 -fi - -if [ -z "$CCIP_ROUTER" ]; then - echo "Error: CCIP_ROUTER environment variable not set" - exit 1 -fi - -if [ -z "$CCIP_FEE_TOKEN" ]; then - echo "Error: CCIP_FEE_TOKEN environment variable not set" - exit 1 -fi - -echo "Deploying CCIPWETH10Bridge to ChainID 138..." -echo "RPC URL: $RPC_URL" -echo "CCIP Router: $CCIP_ROUTER" -echo "WETH10 Address: $WETH10_ADDRESS" -echo "Fee Token (LINK): $CCIP_FEE_TOKEN" - cd "$PROJECT_ROOT" -# Load .env via dotenv (RPC CR/LF trim). Fallback: raw source. if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then # shellcheck disable=SC1090 source "$SCRIPT_DIR/../lib/deployment/dotenv.sh" @@ -62,6 +35,28 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-http://localhost:8545}}}" + +if ! require_private_key_env; then + exit 1 +fi + +if [ -z "$CCIP_ROUTER" ]; then + echo "ERROR: CCIP_ROUTER not available. Set it in smom-dbis-138/.env or repo .env." >&2 + exit 1 +fi + +if [ -z "$CCIP_FEE_TOKEN" ]; then + echo "ERROR: CCIP_FEE_TOKEN not available. Set it in smom-dbis-138/.env or repo .env." >&2 + exit 1 +fi + +echo "Deploying CCIPWETH10Bridge to ChainID 138..." +echo "RPC URL: $RPC_URL" +echo "CCIP Router: $CCIP_ROUTER" +echo "WETH10 Address: $WETH10_ADDRESS" +echo "Fee Token (LINK): $CCIP_FEE_TOKEN" + # Export environment variables for Foundry export PRIVATE_KEY export CCIP_ROUTER @@ -79,4 +74,3 @@ echo "Next steps:" echo "1. Save the deployed bridge address to your .env file" echo "2. Configure bridge destinations:" echo " ./scripts/deployment/configure-weth10-bridge.sh" - diff --git a/scripts/deployment/deploy-ccip-weth9-bridge.sh b/scripts/deployment/deploy-ccip-weth9-bridge.sh index a43044f..dbd366d 100755 --- a/scripts/deployment/deploy-ccip-weth9-bridge.sh +++ b/scripts/deployment/deploy-ccip-weth9-bridge.sh @@ -8,12 +8,7 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" source "$SCRIPT_DIR/../lib/init.sh" PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" -# Load environment -if [ -f "$PROJECT_ROOT/.env" ]; then - source "$PROJECT_ROOT/.env" -fi - -RPC_URL="${RPC_URL:-http://localhost:8545}" +RPC_URL="${RPC_URL:-}" PRIVATE_KEY="${PRIVATE_KEY:-}" # CCIP Configuration @@ -23,29 +18,7 @@ CCIP_FEE_TOKEN="${CCIP_FEE_TOKEN:-}" # LINK token address # WETH9 address (canonical Mainnet address or deployed address) WETH9_ADDRESS="${WETH9_ADDRESS:-0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2}" -if [ -z "$PRIVATE_KEY" ]; then - echo "Error: PRIVATE_KEY environment variable not set" - exit 1 -fi - -if [ -z "$CCIP_ROUTER" ]; then - echo "Error: CCIP_ROUTER environment variable not set" - exit 1 -fi - -if [ -z "$CCIP_FEE_TOKEN" ]; then - echo "Error: CCIP_FEE_TOKEN environment variable not set" - exit 1 -fi - -echo "Deploying CCIPWETH9Bridge to ChainID 138..." -echo "RPC URL: $RPC_URL" -echo "CCIP Router: $CCIP_ROUTER" -echo "WETH9 Address: $WETH9_ADDRESS" -echo "Fee Token (LINK): $CCIP_FEE_TOKEN" - cd "$PROJECT_ROOT" -# Load .env via dotenv (RPC CR/LF trim). Fallback: raw source. if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then # shellcheck disable=SC1090 source "$SCRIPT_DIR/../lib/deployment/dotenv.sh" @@ -62,6 +35,28 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-http://localhost:8545}}}" + +if ! require_private_key_env; then + exit 1 +fi + +if [ -z "$CCIP_ROUTER" ]; then + echo "ERROR: CCIP_ROUTER not available. Set it in smom-dbis-138/.env or repo .env." >&2 + exit 1 +fi + +if [ -z "$CCIP_FEE_TOKEN" ]; then + echo "ERROR: CCIP_FEE_TOKEN not available. Set it in smom-dbis-138/.env or repo .env." >&2 + exit 1 +fi + +echo "Deploying CCIPWETH9Bridge to ChainID 138..." +echo "RPC URL: $RPC_URL" +echo "CCIP Router: $CCIP_ROUTER" +echo "WETH9 Address: $WETH9_ADDRESS" +echo "Fee Token (LINK): $CCIP_FEE_TOKEN" + # Export environment variables for Foundry export PRIVATE_KEY export CCIP_ROUTER @@ -79,4 +74,3 @@ echo "Next steps:" echo "1. Save the deployed bridge address to your .env file" echo "2. Configure bridge destinations:" echo " ./scripts/deployment/configure-weth9-bridge.sh" - diff --git a/scripts/deployment/deploy-contracts-once-ready.sh b/scripts/deployment/deploy-contracts-once-ready.sh index bdd14b0..63d9485 100755 --- a/scripts/deployment/deploy-contracts-once-ready.sh +++ b/scripts/deployment/deploy-contracts-once-ready.sh @@ -30,22 +30,17 @@ RPC_URL="${RPC_URL:-http://localhost:8545}" PRIVATE_KEY="${PRIVATE_KEY:-}" NGINX_IP="${NGINX_PROXY_IP:-20.160.58.99}" -if [ -z "$PRIVATE_KEY" ]; then - echo "❌ Error: PRIVATE_KEY environment variable not set" +if ! require_private_key_env; then exit 1 fi - -# Ensure PRIVATE_KEY has 0x prefix -if [[ ! "$PRIVATE_KEY" =~ ^0x ]]; then - export PRIVATE_KEY="0x$PRIVATE_KEY" -fi +DEPLOYER="$(derive_deployer_address || echo 'unknown')" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "Deploy All Contracts - Network Ready" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "" echo "RPC URL: $RPC_URL" -echo "Deployer: $(cast wallet address --private-key "$PRIVATE_KEY" 2>/dev/null || echo 'unknown')" +echo "Deployer: $DEPLOYER" echo "" # Step 1: Verify network is ready diff --git a/scripts/deployment/deploy-contracts-ordered.sh b/scripts/deployment/deploy-contracts-ordered.sh index c796921..ff4b496 100755 --- a/scripts/deployment/deploy-contracts-ordered.sh +++ b/scripts/deployment/deploy-contracts-ordered.sh @@ -28,23 +28,13 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi -# Load environment variables -if [ ! -f .env ]; then - log_error "Error: .env file not found" - echo "Please create .env file with required variables" - exit 1 -fi - -source .env - -# Check required variables -if [ -z "$PRIVATE_KEY" ]; then - log_error "Error: PRIVATE_KEY not set in .env" +if ! require_private_key_env; then exit 1 fi +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-}}}" if [ -z "$RPC_URL" ]; then - log_error "Error: RPC_URL not set in .env" + log_error "ERROR: Chain 138 RPC not available. Set RPC_URL, RPC_URL_138, or CHAIN138_RPC_URL." exit 1 fi @@ -62,7 +52,7 @@ log_success "✅ RPC endpoint is accessible" update_env() { local key=$1 local value=$2 - if grep -q "^${key}=" .env; then + if grep -q "^${key}=" .env 2>/dev/null; then sed -i "s|^${key}=.*|${key}=${value}|" .env else echo "${key}=${value}" >> .env @@ -240,7 +230,7 @@ ORACLE_HEARTBEAT=${ORACLE_HEARTBEAT:-"60"} ORACLE_DEVIATION_THRESHOLD=${ORACLE_DEVIATION_THRESHOLD:-"50"} # Get deployer address -DEPLOYER_ADDRESS=$(cast wallet address --private-key "$PRIVATE_KEY" 2>/dev/null || echo "") + DEPLOYER_ADDRESS="$(derive_deployer_address || true)" if [ -z "$DEPLOYER_ADDRESS" ]; then log_warn "Warning: Could not get deployer address. Using script default" diff --git a/scripts/deployment/deploy-contracts-parallel.sh b/scripts/deployment/deploy-contracts-parallel.sh index 4753446..4a3f776 100755 --- a/scripts/deployment/deploy-contracts-parallel.sh +++ b/scripts/deployment/deploy-contracts-parallel.sh @@ -25,23 +25,14 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi -# Load environment variables -if [ ! -f .env ]; then - log_error "Error: .env file not found" - echo "Please create .env file with required variables" - exit 1 -fi - -source .env - # Check required variables -if [ -z "$PRIVATE_KEY" ]; then - log_error "Error: PRIVATE_KEY not set in .env" +if ! require_private_key_env; then exit 1 fi +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-}}}" if [ -z "$RPC_URL" ]; then - log_error "Error: RPC_URL not set in .env" + log_error "ERROR: Chain 138 RPC not available. Set RPC_URL, RPC_URL_138, or CHAIN138_RPC_URL." exit 1 fi @@ -137,11 +128,8 @@ wait $MULTICALL_PID wait $WETH9_PID wait $WETH10_PID -# Reload .env to get deployed addresses -source .env - # Phase 2: CCIP Router (if needed) -if [ -z "$CCIP_ROUTER" ] || [ "$CCIP_ROUTER" = "0x0000000000000000000000000000000000000000" ]; then +if [ -z "${CCIP_ROUTER:-}" ] || [ "${CCIP_ROUTER:-}" = "0x0000000000000000000000000000000000000000" ]; then log_warn "Phase 2: Deploying CCIP Router..." CCIP_ROUTER_OUTPUT=$(forge_scoped script script/DeployCCIPRouter.s.sol:DeployCCIPRouter \ --sig "run(address,uint256,uint256)" \ @@ -161,11 +149,8 @@ else log_success "✅ CCIP Router already configured: $CCIP_ROUTER" fi -# Reload .env -source .env - # Phase 3: Bridge contracts (can be deployed in parallel if dependencies are met) -if [ "${DEPLOY_BRIDGES:-true}" = "true" ] && [ -n "$CCIP_ROUTER" ] && [ -n "$WETH9_ADDRESS" ] && [ -n "$WETH10_ADDRESS" ]; then +if [ "${DEPLOY_BRIDGES:-true}" = "true" ] && [ -n "${CCIP_ROUTER:-}" ] && [ -n "${WETH9_ADDRESS:-}" ] && [ -n "${WETH10_ADDRESS:-}" ]; then log_warn "Phase 3: Deploying CCIP bridges in parallel..." { @@ -234,7 +219,7 @@ log_warn "Phase 4: Deploying Oracle and MultiSig in parallel..." ORACLE_PID=$! # Deploy MultiSig (independent if owners are set) -if [ -z "$MULTISIG_OWNERS" ]; then +if [ -z "${MULTISIG_OWNERS:-}" ]; then log_warn "⚠️ MULTISIG_OWNERS not set. Skipping MultiSig deployment." log_warn "Set MULTISIG_OWNERS in .env (comma-separated addresses) to deploy." MULTISIG_PID="" @@ -261,12 +246,8 @@ if [ -n "$MULTISIG_PID" ]; then wait $MULTISIG_PID fi -# Reload .env to get all new addresses -source .env - # Final summary log_success "=== Deployment Summary ===" -source .env log_success "Multicall: ${MULTICALL_ADDRESS:-N/A}" log_success "WETH9: ${WETH9_ADDRESS:-N/A}" log_success "WETH10: ${WETH10_ADDRESS:-N/A}" diff --git a/scripts/deployment/deploy-contracts-unified.sh b/scripts/deployment/deploy-contracts-unified.sh index 26a725a..15c8ac5 100755 --- a/scripts/deployment/deploy-contracts-unified.sh +++ b/scripts/deployment/deploy-contracts-unified.sh @@ -28,7 +28,7 @@ fi # Default values MODE="${MODE:-ordered}" # ordered or parallel -RPC_URL="${RPC_URL:-http://localhost:8545}" +RPC_URL="${RPC_URL:-}" PRIVATE_KEY="${PRIVATE_KEY:-}" DRY_RUN="${DRY_RUN:-false}" @@ -81,24 +81,19 @@ while [[ $# -gt 0 ]]; do usage ;; *) - echo "Unknown option: $1" + echo "ERROR: Unknown option: $1" >&2 usage ;; esac done -if [ -z "$PRIVATE_KEY" ]; then - if [ -f .env ]; then - source .env - fi - if [ -z "$PRIVATE_KEY" ]; then - log_error "Error: PRIVATE_KEY not set. Use --private-key or set in .env" - exit 1 - fi +if ! require_private_key_env "Use --private-key or set PRIVATE_KEY in smom-dbis-138/.env, repo .env, or ~/.secure-secrets/private-keys.env."; then + exit 1 fi +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-}}}" if [ -z "$RPC_URL" ]; then - log_error "Error: RPC_URL not set. Use --rpc-url or set in .env" + log_error "ERROR: Chain 138 RPC not available. Use --rpc-url or set RPC_URL/RPC_URL_138/CHAIN138_RPC_URL." exit 1 fi diff --git a/scripts/deployment/deploy-mainnet-tether-mirror.sh b/scripts/deployment/deploy-mainnet-tether-mirror.sh index 1aa1c67..5fc1dd9 100755 --- a/scripts/deployment/deploy-mainnet-tether-mirror.sh +++ b/scripts/deployment/deploy-mainnet-tether-mirror.sh @@ -8,46 +8,31 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" PROJECT_ROOT="$(cd "$SCRIPT_DIR/../../" && pwd)" cd "$PROJECT_ROOT" -# Load .env via dotenv (RPC CR/LF trim). Fallback: raw source. if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then # shellcheck disable=SC1090 source "$SCRIPT_DIR/../lib/deployment/dotenv.sh" load_deployment_env --repo-root "${PROJECT_ROOT:-$REPO_ROOT}" -elif [[ -n "${PROJECT_ROOT:-}" && -f "$PROJECT_ROOT/.env" ]]; then +elif [[ -f "$PROJECT_ROOT/.env" ]]; then set -a # shellcheck disable=SC1090 source "$PROJECT_ROOT/.env" set +a -elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then - set -a - # shellcheck disable=SC1090 - source "$REPO_ROOT/.env" - set +a -fi - -# Source environment variables -if [ -f .env ]; then - source .env -else - echo "❌ Error: .env file not found" - exit 1 fi # Check required variables -if [ -z "$PRIVATE_KEY" ]; then - echo "❌ Error: PRIVATE_KEY not set in .env" +if ! require_private_key_env; then exit 1 fi if [ -z "$ETHEREUM_MAINNET_RPC" ]; then - echo "❌ Error: ETHEREUM_MAINNET_RPC not set in .env" + echo "ERROR: ETHEREUM_MAINNET_RPC not available. Set it in smom-dbis-138/.env or repo .env." >&2 exit 1 fi # Get deployer address -DEPLOYER=$(cast wallet address $PRIVATE_KEY 2>/dev/null || echo "") +DEPLOYER="$(derive_deployer_address || true)" if [ -z "$DEPLOYER" ]; then - echo "❌ Error: Could not derive deployer address from PRIVATE_KEY" + echo "ERROR: Could not derive DEPLOYER_ADDRESS from PRIVATE_KEY." >&2 exit 1 fi @@ -87,7 +72,7 @@ echo "=== Deploying MainnetTether ===" LOG_FILE="/tmp/mainnet_tether_deploy.log" forge script script/DeployMainnetTether.s.sol \ --rpc-url "$ETHEREUM_MAINNET_RPC" \ - --private-key $PRIVATE_KEY \ + --private-key "$PRIVATE_KEY" \ --broadcast \ --verify \ --via-ir \ @@ -121,7 +106,7 @@ echo "=== Deploying TransactionMirror ===" LOG_FILE="/tmp/transaction_mirror_deploy.log" forge script script/DeployTransactionMirror.s.sol \ --rpc-url "$ETHEREUM_MAINNET_RPC" \ - --private-key $PRIVATE_KEY \ + --private-key "$PRIVATE_KEY" \ --broadcast \ --verify \ --via-ir \ @@ -171,4 +156,3 @@ if [ -n "$MAINNET_TETHER" ] && [ -n "$TRANSACTION_MIRROR" ]; then else echo "⚠️ Deployment incomplete - check logs for details" fi - diff --git a/scripts/deployment/deploy-multicall.sh b/scripts/deployment/deploy-multicall.sh index 1db6674..b5d37b0 100755 --- a/scripts/deployment/deploy-multicall.sh +++ b/scripts/deployment/deploy-multicall.sh @@ -8,17 +8,6 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" source "$SCRIPT_DIR/../lib/init.sh" PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" -RPC_URL="${RPC_URL:-http://localhost:8545}" -PRIVATE_KEY="${PRIVATE_KEY:-}" - -if [ -z "$PRIVATE_KEY" ]; then - echo "Error: PRIVATE_KEY environment variable not set" - exit 1 -fi - -echo "Deploying Multicall to ChainID 138..." -echo "RPC URL: $RPC_URL" - cd "$PROJECT_ROOT" # Load .env via dotenv (RPC CR/LF trim). Fallback: raw source. if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then @@ -37,6 +26,14 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-http://localhost:8545}}}" +if ! require_private_key_env; then + exit 1 +fi + +echo "Deploying Multicall to ChainID 138..." +echo "RPC URL: $RPC_URL" + forge script script/DeployMulticall.s.sol \ --rpc-url "$RPC_URL" \ --broadcast \ @@ -44,4 +41,3 @@ forge script script/DeployMulticall.s.sol \ --verify echo "Multicall deployment complete!" - diff --git a/scripts/deployment/deploy-multisig.sh b/scripts/deployment/deploy-multisig.sh index 505be45..95407db 100755 --- a/scripts/deployment/deploy-multisig.sh +++ b/scripts/deployment/deploy-multisig.sh @@ -29,13 +29,12 @@ RPC_URL="${RPC_URL:-http://localhost:8545}" PRIVATE_KEY="${PRIVATE_KEY:-}" OWNERS="${OWNERS:-}" # Comma-separated list of owner addresses -if [ -z "$PRIVATE_KEY" ]; then - echo "Error: PRIVATE_KEY not set" +if ! require_private_key_env; then exit 1 fi if [ -z "$OWNERS" ]; then - echo "Error: OWNERS not set (comma-separated list)" + echo "ERROR: OWNERS not set. Provide a comma-separated owner list." >&2 exit 1 fi @@ -59,4 +58,3 @@ echo "Next steps:" echo "1. Transfer admin roles to multi-sig address" echo "2. Test multi-sig operations" echo "3. Document multi-sig procedures" - diff --git a/scripts/deployment/deploy-optional-future-all.sh b/scripts/deployment/deploy-optional-future-all.sh index 1cc935f..0d18dff 100755 --- a/scripts/deployment/deploy-optional-future-all.sh +++ b/scripts/deployment/deploy-optional-future-all.sh @@ -29,12 +29,6 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi -if [ -f .env ]; then - set -a - source .env - set +a -fi - RPC="${RPC_URL_138:-http://192.168.11.211:8545}" # Default 2 gwei to reduce "Replacement transaction underpriced"; override with GAS_PRICE_138. GAS_PRICE="${GAS_PRICE_138:-2000000000}" @@ -52,8 +46,7 @@ while [ $# -gt 0 ]; do shift done -if [ -z "${PRIVATE_KEY:-}" ]; then - echo "ERROR: PRIVATE_KEY not set in .env" +if ! require_private_key_env; then exit 1 fi diff --git a/scripts/deployment/deploy-phase2-and-contracts-parallel.sh b/scripts/deployment/deploy-phase2-and-contracts-parallel.sh index 8a93394..87cd1da 100755 --- a/scripts/deployment/deploy-phase2-and-contracts-parallel.sh +++ b/scripts/deployment/deploy-phase2-and-contracts-parallel.sh @@ -25,14 +25,7 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi -# Load environment variables -if [ ! -f .env ]; then - log_error "Error: .env file not found" - echo "Please create .env file with required variables" - exit 1 -fi - -source .env +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-}}}" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "Phase 2 + Contract Deployment - Full Parallel Mode" @@ -123,7 +116,6 @@ PHASE2_VERIFY_PID=$! if [ -n "$CONTRACTS_PID" ] && [ -n "$RPC_URL" ]; then ( log_warn "Verifying contracts..." - source .env if ./scripts/deployment/verify-contracts-parallel.sh > /tmp/contracts-verify.out 2>&1; then log_success "✅ Contracts verified" else @@ -166,4 +158,3 @@ echo "Next steps:" echo "1. Review Phase 2 services: ./terraform/phases/phase2/scripts/status.sh all" echo "2. Verify contracts: ./scripts/deployment/verify-contracts-parallel.sh" echo "3. Check deployment outputs: terraform/phases/phase2/terraform output" - diff --git a/scripts/deployment/deploy-phase2-from-proxy.sh b/scripts/deployment/deploy-phase2-from-proxy.sh index dc26a0c..b7f3c09 100755 --- a/scripts/deployment/deploy-phase2-from-proxy.sh +++ b/scripts/deployment/deploy-phase2-from-proxy.sh @@ -31,15 +31,6 @@ echo "Phase 2 Deployment from Proxy Host" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "" -# Check if .env exists -if [ ! -f .env ]; then - echo "Error: .env file not found" - echo "Please ensure .env is available on this host" - exit 1 -fi - -source .env - # Change to Phase 2 directory cd terraform/phases/phase2 @@ -64,4 +55,3 @@ echo "" echo "Next steps:" echo "1. Start services: ./terraform/phases/phase2/scripts/start-services.sh all" echo "2. Check status: ./terraform/phases/phase2/scripts/status.sh all" - diff --git a/scripts/deployment/deploy-sufficient-balance-chains.sh b/scripts/deployment/deploy-sufficient-balance-chains.sh index 9ccdc1a..bf7d022 100755 --- a/scripts/deployment/deploy-sufficient-balance-chains.sh +++ b/scripts/deployment/deploy-sufficient-balance-chains.sh @@ -27,21 +27,13 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi -# Load .env -if [ -f .env ]; then - set -a - source .env - set +a -fi - GREEN='\033[0;32m' YELLOW='\033[1;33m' RED='\033[0;31m' BLUE='\033[0;34m' NC='\033[0m' -if [ -z "${PRIVATE_KEY:-}" ]; then - echo -e "${RED}ERROR: PRIVATE_KEY not set in .env${NC}" +if ! require_private_key_env; then exit 1 fi diff --git a/scripts/deployment/deploy-vault-system-and-ac-vdc-sdc.sh b/scripts/deployment/deploy-vault-system-and-ac-vdc-sdc.sh index bacf3a5..043e799 100755 --- a/scripts/deployment/deploy-vault-system-and-ac-vdc-sdc.sh +++ b/scripts/deployment/deploy-vault-system-and-ac-vdc-sdc.sh @@ -28,13 +28,9 @@ RPC_URL="${RPC_URL_138:-http://192.168.11.211:8545}" GAS_PRICE="${GAS_PRICE:-1000000000}" CHAIN_ID="${CHAIN_ID:-138}" -if [ -z "$PRIVATE_KEY" ]; then - echo "Error: PRIVATE_KEY not set (e.g. in smom-dbis-138/.env)" +if ! require_private_key_env; then exit 1 fi -if [[ ! "$PRIVATE_KEY" =~ ^0x ]]; then - export PRIVATE_KEY="0x$PRIVATE_KEY" -fi echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "1. Deploy Vault System (DeployVaultSystem.s.sol)" diff --git a/scripts/deployment/deploy-weth-create.sh b/scripts/deployment/deploy-weth-create.sh index b7787dc..d116d97 100755 --- a/scripts/deployment/deploy-weth-create.sh +++ b/scripts/deployment/deploy-weth-create.sh @@ -30,16 +30,10 @@ fi RPC_URL="${RPC_URL:-http://localhost:8545}" PRIVATE_KEY="${PRIVATE_KEY:-}" -if [ -z "$PRIVATE_KEY" ]; then - echo "Error: PRIVATE_KEY environment variable not set" +if ! require_private_key_env; then exit 1 fi -# Ensure PRIVATE_KEY has 0x prefix -if [[ ! "$PRIVATE_KEY" =~ ^0x ]]; then - export PRIVATE_KEY="0x$PRIVATE_KEY" -fi - echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "🚀 Deploying WETH9 and WETH10 using CREATE (vm.etch)" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" @@ -135,4 +129,3 @@ echo " 1. If deployment failed, try using fork mode: --fork-url \$RPC_URL" echo " 2. Or calculate CREATE nonce: node scripts/utils/calculate-create-address.js" echo " 3. Or use address mapping for deployed addresses" echo "" - diff --git a/scripts/deployment/deploy-weth-create2.sh b/scripts/deployment/deploy-weth-create2.sh index 8200754..131146b 100755 --- a/scripts/deployment/deploy-weth-create2.sh +++ b/scripts/deployment/deploy-weth-create2.sh @@ -29,16 +29,10 @@ fi RPC_URL="${RPC_URL:-http://localhost:8545}" PRIVATE_KEY="${PRIVATE_KEY:-}" -if [ -z "$PRIVATE_KEY" ]; then - echo "Error: PRIVATE_KEY environment variable not set" +if ! require_private_key_env; then exit 1 fi -# Ensure PRIVATE_KEY has 0x prefix -if [[ ! "$PRIVATE_KEY" =~ ^0x ]]; then - export PRIVATE_KEY="0x$PRIVATE_KEY" -fi - echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "🚀 Deploying WETH9 and WETH10 using CREATE2" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" @@ -149,4 +143,3 @@ echo "📋 Next Steps:" echo " 1. Verify contract functionality" echo " 2. Update .env with deployment details if needed" echo "" - diff --git a/scripts/deployment/deploy-weth-unified.sh b/scripts/deployment/deploy-weth-unified.sh index 47698df..91f8fcb 100755 --- a/scripts/deployment/deploy-weth-unified.sh +++ b/scripts/deployment/deploy-weth-unified.sh @@ -12,8 +12,12 @@ PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" METHOD="${METHOD:-create}" TOKEN="${TOKEN:-both}" # weth9, weth10, or both DEPLOY_BRIDGE="${DEPLOY_BRIDGE:-false}" -RPC_URL="${RPC_URL:-http://localhost:8545}" +RPC_URL="${RPC_URL:-}" PRIVATE_KEY="${PRIVATE_KEY:-}" +rpc_url_override=false +private_key_override=false +CLI_RPC_URL="" +CLI_PRIVATE_KEY="" usage() { cat <&2 usage ;; esac done -if [ -z "$PRIVATE_KEY" ]; then - echo "Error: PRIVATE_KEY environment variable not set" - exit 1 -fi - cd "$PROJECT_ROOT" -# Load .env via dotenv (RPC CR/LF trim). Fallback: raw source. if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then # shellcheck disable=SC1090 source "$SCRIPT_DIR/../lib/deployment/dotenv.sh" @@ -98,6 +100,20 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi +if [[ "$rpc_url_override" == true ]]; then + RPC_URL="$CLI_RPC_URL" +else + RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-http://localhost:8545}}}" +fi + +if [[ "$private_key_override" == true ]]; then + export PRIVATE_KEY="$CLI_PRIVATE_KEY" +fi + +if ! require_private_key_env; then + exit 1 +fi + echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "🚀 Unified WETH Deployment" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" @@ -136,8 +152,8 @@ case "$METHOD" in exit 1 ;; *) - echo "Error: Unknown method: $METHOD" - echo "Valid methods: create, create2, genesis" + echo "ERROR: Unknown method: $METHOD" >&2 + echo "Valid methods: create, create2, genesis" >&2 exit 1 ;; esac diff --git a/scripts/deployment/deploy-weth-with-ccip.sh b/scripts/deployment/deploy-weth-with-ccip.sh index a9fda6e..878e628 100755 --- a/scripts/deployment/deploy-weth-with-ccip.sh +++ b/scripts/deployment/deploy-weth-with-ccip.sh @@ -8,12 +8,7 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" source "$SCRIPT_DIR/../lib/init.sh" PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" -# Load environment -if [ -f "$PROJECT_ROOT/.env" ]; then - source "$PROJECT_ROOT/.env" -fi - -RPC_URL="${RPC_URL:-http://localhost:8545}" +RPC_URL="${RPC_URL:-}" PRIVATE_KEY="${PRIVATE_KEY:-}" # CCIP Configuration @@ -29,19 +24,37 @@ DEPLOY_BRIDGES="${DEPLOY_BRIDGES:-true}" WETH9_ADDRESS="${WETH9_ADDRESS:-}" WETH10_ADDRESS="${WETH10_ADDRESS:-}" -if [ -z "$PRIVATE_KEY" ]; then - echo "Error: PRIVATE_KEY environment variable not set" +cd "$PROJECT_ROOT" +# Load .env via dotenv (RPC CR/LF trim). Fallback: raw source. +if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then + # shellcheck disable=SC1090 + source "$SCRIPT_DIR/../lib/deployment/dotenv.sh" + load_deployment_env --repo-root "${PROJECT_ROOT:-$REPO_ROOT}" +elif [[ -n "${PROJECT_ROOT:-}" && -f "$PROJECT_ROOT/.env" ]]; then + set -a + # shellcheck disable=SC1090 + source "$PROJECT_ROOT/.env" + set +a +elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then + set -a + # shellcheck disable=SC1090 + source "$REPO_ROOT/.env" + set +a +fi + +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-http://localhost:8545}}}" + +if ! require_private_key_env; then exit 1 fi if [ "$DEPLOY_BRIDGES" = "true" ]; then if [ -z "$CCIP_ROUTER" ]; then - echo "Error: CCIP_ROUTER environment variable not set (required for bridge deployment)" + echo "ERROR: CCIP_ROUTER not available. Set it in smom-dbis-138/.env or repo .env." >&2 exit 1 fi - if [ -z "$CCIP_FEE_TOKEN" ]; then - echo "Error: CCIP_FEE_TOKEN environment variable not set (required for bridge deployment)" + echo "ERROR: CCIP_FEE_TOKEN not available. Set it in smom-dbis-138/.env or repo .env." >&2 exit 1 fi fi @@ -68,24 +81,6 @@ if [ -n "$WETH10_ADDRESS" ]; then fi echo "=========================================" -cd "$PROJECT_ROOT" -# Load .env via dotenv (RPC CR/LF trim). Fallback: raw source. -if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then - # shellcheck disable=SC1090 - source "$SCRIPT_DIR/../lib/deployment/dotenv.sh" - load_deployment_env --repo-root "${PROJECT_ROOT:-$REPO_ROOT}" -elif [[ -n "${PROJECT_ROOT:-}" && -f "$PROJECT_ROOT/.env" ]]; then - set -a - # shellcheck disable=SC1090 - source "$PROJECT_ROOT/.env" - set +a -elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then - set -a - # shellcheck disable=SC1090 - source "$REPO_ROOT/.env" - set +a -fi - # Export environment variables for Foundry export PRIVATE_KEY export CCIP_ROUTER @@ -117,4 +112,3 @@ echo "2. Configure bridge destinations:" echo " ./scripts/deployment/configure-weth9-bridge.sh" echo " ./scripts/deployment/configure-weth10-bridge.sh" echo "3. Test cross-chain transfers" - diff --git a/scripts/deployment/deploy-weth.sh b/scripts/deployment/deploy-weth.sh index 6379ff1..cdbe71d 100755 --- a/scripts/deployment/deploy-weth.sh +++ b/scripts/deployment/deploy-weth.sh @@ -8,17 +8,6 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" source "$SCRIPT_DIR/../lib/init.sh" PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" -RPC_URL="${RPC_URL:-http://localhost:8545}" -PRIVATE_KEY="${PRIVATE_KEY:-}" - -if [ -z "$PRIVATE_KEY" ]; then - echo "Error: PRIVATE_KEY environment variable not set" - exit 1 -fi - -echo "Deploying WETH to ChainID 138..." -echo "RPC URL: $RPC_URL" - cd "$PROJECT_ROOT" # Load .env via dotenv (RPC CR/LF trim). Fallback: raw source. if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then @@ -37,6 +26,14 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-http://localhost:8545}}}" +if ! require_private_key_env; then + exit 1 +fi + +echo "Deploying WETH to ChainID 138..." +echo "RPC URL: $RPC_URL" + forge script script/DeployWETH.s.sol \ --rpc-url "$RPC_URL" \ --broadcast \ @@ -44,4 +41,3 @@ forge script script/DeployWETH.s.sol \ --verify echo "WETH deployment complete!" - diff --git a/scripts/deployment/deploy-weth10.sh b/scripts/deployment/deploy-weth10.sh index ab939a9..ecd5a1e 100755 --- a/scripts/deployment/deploy-weth10.sh +++ b/scripts/deployment/deploy-weth10.sh @@ -8,17 +8,6 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" source "$SCRIPT_DIR/../lib/init.sh" PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" -RPC_URL="${RPC_URL:-http://localhost:8545}" -PRIVATE_KEY="${PRIVATE_KEY:-}" - -if [ -z "$PRIVATE_KEY" ]; then - echo "Error: PRIVATE_KEY environment variable not set" - exit 1 -fi - -echo "Deploying WETH10 to ChainID 138..." -echo "RPC URL: $RPC_URL" - cd "$PROJECT_ROOT" # Load .env via dotenv (RPC CR/LF trim). Fallback: raw source. if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then @@ -37,6 +26,14 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-http://localhost:8545}}}" +if ! require_private_key_env; then + exit 1 +fi + +echo "Deploying WETH10 to ChainID 138..." +echo "RPC URL: $RPC_URL" + forge script script/DeployWETH10.s.sol \ --rpc-url "$RPC_URL" \ --broadcast \ @@ -44,4 +41,3 @@ forge script script/DeployWETH10.s.sol \ --verify echo "WETH10 deployment complete!" - diff --git a/scripts/deployment/dry-run-mainnet-deployment.sh b/scripts/deployment/dry-run-mainnet-deployment.sh index ae742ff..79601eb 100755 --- a/scripts/deployment/dry-run-mainnet-deployment.sh +++ b/scripts/deployment/dry-run-mainnet-deployment.sh @@ -7,18 +7,15 @@ set -e SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" source "$SCRIPT_DIR/../lib/init.sh" PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" +if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then + # shellcheck disable=SC1090 + source "$SCRIPT_DIR/../lib/deployment/dotenv.sh" + load_deployment_env --repo-root "$PROJECT_ROOT" +fi log_info "=== Ethereum Mainnet Deployment Dry-Run ===" -# Load environment variables -if [ -f "$PROJECT_ROOT/.env" ]; then - source "$PROJECT_ROOT/.env" -else - log_error "Error: .env file not found" - exit 1 -fi - ERRORS=0 WARNINGS=0 @@ -64,7 +61,7 @@ log_info "Step 2: Validating environment variables..." # Required variables REQUIRED_VARS=("PRIVATE_KEY" "ETHEREUM_MAINNET_RPC") for var in "${REQUIRED_VARS[@]}"; do - if [ -z "${!var}" ]; then + if [ -z "${!var:-}" ]; then log_error "❌ Missing required variable: $var" ((ERRORS++)) else @@ -73,7 +70,7 @@ for var in "${REQUIRED_VARS[@]}"; do done # Optional but recommended -if [ -z "$CCIP_ETH_ROUTER" ]; then +if [ -z "${CCIP_ETH_ROUTER:-}" ]; then CCIP_ETH_ROUTER="0x80226fc0Ee2b096224EeAc085Bb9a8cba1146f7D" log_warn "⚠️ CCIP_ETH_ROUTER not set, using default: $CCIP_ETH_ROUTER" ((WARNINGS++)) @@ -81,7 +78,7 @@ else validate_address "$CCIP_ETH_ROUTER" "CCIP_ETH_ROUTER" fi -if [ -z "$CCIP_FEE_TOKEN" ]; then +if [ -z "${CCIP_FEE_TOKEN:-}" ]; then CCIP_FEE_TOKEN="0x514910771AF9Ca656af840dff83E8264EcF986CA" # LINK token log_warn "⚠️ CCIP_FEE_TOKEN not set, using default: $CCIP_FEE_TOKEN" ((WARNINGS++)) @@ -108,16 +105,6 @@ validate_address "$WETH10_ADDRESS" "WETH10" # Step 4: Compile contracts log_info "Step 4: Compiling contracts..." cd "$PROJECT_ROOT" -# Load .env via dotenv (RPC CR/LF trim). Fallback: raw source. -if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then - # shellcheck disable=SC1090 - source "$SCRIPT_DIR/../lib/deployment/dotenv.sh" - load_deployment_env --repo-root "${PROJECT_ROOT:-$REPO_ROOT}" -elif [[ -n "${PROJECT_ROOT:-}" && -f "$PROJECT_ROOT/.env" ]]; then - set -a - # shellcheck disable=SC1090 - source "$PROJECT_ROOT/.env" - set +a elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set -a # shellcheck disable=SC1090 diff --git a/scripts/deployment/fix-nonce-and-retry.sh b/scripts/deployment/fix-nonce-and-retry.sh index b7eb75b..325ede0 100755 --- a/scripts/deployment/fix-nonce-and-retry.sh +++ b/scripts/deployment/fix-nonce-and-retry.sh @@ -36,7 +36,8 @@ case "$(echo "$CHAIN" | tr '[:upper:]' '[:lower:]')" in esac if [[ -z "$RPC" ]]; then echo "RPC not set for $CHAIN"; exit 1; fi -DEPLOYER=$(cast wallet address --private-key "$PRIVATE_KEY" 2>/dev/null || true) +DEPLOYER="$(require_deployer_address || true)" +[[ -n "$DEPLOYER" ]] || exit 1 NONCE=$(cast nonce "$DEPLOYER" --rpc-url "$RPC" 2>/dev/null || echo "0") echo "Deployer: $DEPLOYER" echo "Current on-chain nonce: $NONCE" diff --git a/scripts/deployment/get-wallet-address.sh b/scripts/deployment/get-wallet-address.sh index de0a7a3..bc65faa 100755 --- a/scripts/deployment/get-wallet-address.sh +++ b/scripts/deployment/get-wallet-address.sh @@ -24,16 +24,6 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi -# Colors - -# Load environment variables -if [ -f "$PROJECT_ROOT/.env" ]; then - source "$PROJECT_ROOT/.env" -else - log_error "Error: .env file not found" - exit 1 -fi - log_info "=== Wallet Address from .env Private Key ===" # Check if cast is available @@ -43,17 +33,15 @@ if ! command -v cast &> /dev/null; then fi # Get private key from .env -if [ -z "$PRIVATE_KEY" ]; then - log_error "Error: PRIVATE_KEY not set in .env" +if ! require_private_key_env; then exit 1 fi # Derive address -WALLET_ADDRESS=$(cast wallet address --private-key "$PRIVATE_KEY" 2>/dev/null || echo "") +WALLET_ADDRESS="$(derive_deployer_address || true)" if [ -z "$WALLET_ADDRESS" ]; then - log_error "Error: Could not derive address from private key" - echo "Please check that PRIVATE_KEY is valid (should start with 0x and be 66 characters)" + log_error "ERROR: Could not derive DEPLOYER_ADDRESS from PRIVATE_KEY." exit 1 fi @@ -71,15 +59,13 @@ echo " Recommended: 2 ETH (with buffer)" echo " Purpose: Gas fees for bridge deployment" # Show balances if RPC is available +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-}}}" +MAINNET_RPC_URL="${MAINNET_RPC_URL:-${ETHEREUM_MAINNET_RPC:-}}" if [ -n "$RPC_URL" ]; then log_info "=== Current Balances ===" # Check Mainnet balance - if [ -n "$MAINNET_RPC_URL" ]; then - MAINNET_RPC="$MAINNET_RPC_URL" - else - MAINNET_RPC="https://eth.llamarpc.com" - fi + MAINNET_RPC="${MAINNET_RPC_URL:-https://eth.llamarpc.com}" MAINNET_BALANCE=$(cast balance "$WALLET_ADDRESS" --rpc-url "$MAINNET_RPC" 2>/dev/null || echo "0") MAINNET_ETH=$(cast --to-unit "$MAINNET_BALANCE" ether 2>/dev/null || echo "0") diff --git a/scripts/deployment/list-deployer-tokens-all-networks.sh b/scripts/deployment/list-deployer-tokens-all-networks.sh index 96d7281..d9ee324 100755 --- a/scripts/deployment/list-deployer-tokens-all-networks.sh +++ b/scripts/deployment/list-deployer-tokens-all-networks.sh @@ -38,13 +38,13 @@ if [ -f .env ]; then set +a fi -# Deployer: derive from PRIVATE_KEY or use DEPLOYER_ADDRESS if set (read-only mode) +# Deployer: prefer DEPLOYER_ADDRESS from loader; otherwise derive from PRIVATE_KEY. if [ -n "${DEPLOYER_ADDRESS:-}" ]; then DEPLOYER="${DEPLOYER_ADDRESS}" [[ "$DEPLOYER" != 0x* ]] && DEPLOYER="0x$DEPLOYER" else if [ -z "${PRIVATE_KEY:-}" ]; then - echo "ERROR: Set PRIVATE_KEY in .env or DEPLOYER_ADDRESS=0x4A666F96fC8764181194447A7dFdb7d471b301C8 for read-only" + echo "ERROR: Set PRIVATE_KEY in .env or DEPLOYER_ADDRESS=0x... for read-only" exit 1 fi DEPLOYER=$(cast wallet address "$PRIVATE_KEY" 2>/dev/null || true) @@ -129,7 +129,7 @@ echo "============================================" # Fallback public RPCs when env not set (so token lists are always shown) RPC_138="${RPC_URL_138:-https://rpc-core.d-bis.org}" RPC_1="${ETHEREUM_MAINNET_RPC:-https://eth.llamarpc.com}" -RPC_651940="${CHAIN_651940_RPC:-${ALLTRA_MAINNET_RPC:-https://mainnet-rpc.alltra.global}}" +RPC_651940="${CHAIN_651940_RPC:-${CHAIN_651940_RPC_URL:-${ALL_MAINNET_RPC:-${ALLTRA_MAINNET_RPC:-https://mainnet-rpc.alltra.global}}}}" RPC_25="${CRONOS_RPC:-${CRONOS_MAINNET_RPC:-https://evm.cronos.org}}" RPC_137="${POLYGON_MAINNET_RPC:-https://polygon-rpc.com}" RPC_8453="${BASE_MAINNET_RPC:-https://mainnet.base.org}" diff --git a/scripts/deployment/preflight-config-ready-chains.sh b/scripts/deployment/preflight-config-ready-chains.sh index 4fbbd5c..7fffad0 100755 --- a/scripts/deployment/preflight-config-ready-chains.sh +++ b/scripts/deployment/preflight-config-ready-chains.sh @@ -14,7 +14,7 @@ PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" cd "$PROJECT_ROOT" if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then - # shellcheck disable=SC1090 +# shellcheck disable=SC1090 source "$SCRIPT_DIR/../lib/deployment/dotenv.sh" load_deployment_env --repo-root "$PROJECT_ROOT" elif [[ -f "$PROJECT_ROOT/.env" ]]; then @@ -49,13 +49,9 @@ if [[ -n "${DEPLOYER_ADDRESS:-}" ]]; then DEPLOYER="${DEPLOYER_ADDRESS}" [[ "$DEPLOYER" != 0x* ]] && DEPLOYER="0x$DEPLOYER" else - if [[ -z "${PRIVATE_KEY:-}" ]]; then - echo "Error: Set PRIVATE_KEY in .env or DEPLOYER_ADDRESS for read-only check" >&2 - exit 1 - fi - DEPLOYER=$(cast wallet address "$PRIVATE_KEY" 2>/dev/null || true) + DEPLOYER="$(derive_deployer_address 2>/dev/null || true)" if [[ -z "$DEPLOYER" ]]; then - echo "Error: Could not derive deployer from PRIVATE_KEY (is 'cast' available?)" >&2 + echo "Error: Set PRIVATE_KEY or DEPLOYER_ADDRESS for read-only check." >&2 exit 1 fi fi diff --git a/scripts/deployment/run-e2e-trustless-live-test.sh b/scripts/deployment/run-e2e-trustless-live-test.sh index 6b9040c..37efb75 100755 --- a/scripts/deployment/run-e2e-trustless-live-test.sh +++ b/scripts/deployment/run-e2e-trustless-live-test.sh @@ -45,8 +45,9 @@ export RPC_URL_138="${RPC_URL_138:-${CHAIN_138_RPC_URL:-}}" export ETHEREUM_MAINNET_RPC="${ETHEREUM_MAINNET_RPC:-}" # Require key and RPCs so we fail with a clear message instead of "Invalid params" -[[ -n "${PRIVATE_KEY:-}" ]] || { echo "PRIVATE_KEY not set in .env"; exit 1; } -RECIPIENT=$(cast wallet address "$PRIVATE_KEY") +require_private_key_env || exit 1 +RECIPIENT="$(derive_deployer_address || true)" +[[ -n "$RECIPIENT" ]] || { echo "ERROR: Could not derive DEPLOYER_ADDRESS from PRIVATE_KEY." >&2; exit 1; } NONCE=$(cast keccak "e2e-$(date +%s)" | tr -d '\n\r') # 0.001 ether in wei AMOUNT_WEI="${AMOUNT_WEI:-1000000000000000}" diff --git a/scripts/deployment/seed-chain138-canonical-pmm-pools.sh b/scripts/deployment/seed-chain138-canonical-pmm-pools.sh index 552e1d9..0549520 100755 --- a/scripts/deployment/seed-chain138-canonical-pmm-pools.sh +++ b/scripts/deployment/seed-chain138-canonical-pmm-pools.sh @@ -34,9 +34,10 @@ XAU_SEED_OZ="${XAU_SEED_OZ:-100}" XAU_SPOT_USD="${XAU_SPOT_USD:-4506.30}" [[ -n "$DODO_PMM_INTEGRATION_ADDRESS" ]] || { echo "DODO_PMM_INTEGRATION_ADDRESS not set" >&2; exit 1; } -[[ -n "$PRIVATE_KEY" ]] || { echo "PRIVATE_KEY not set" >&2; exit 1; } +require_private_key_env || exit 1 -DEPLOYER="$(cast wallet address --private-key "$PRIVATE_KEY")" +DEPLOYER="$(derive_deployer_address || true)" +[[ -n "$DEPLOYER" ]] || { echo "ERROR: Could not derive DEPLOYER_ADDRESS from PRIVATE_KEY." >&2; exit 1; } MAX_UINT='115792089237316195423570985008687907853269984665640564039457584007913129639935' ZERO_ADDR='0x0000000000000000000000000000000000000000' diff --git a/scripts/deployment/start-deployment.sh b/scripts/deployment/start-deployment.sh index df2a2c3..2640747 100755 --- a/scripts/deployment/start-deployment.sh +++ b/scripts/deployment/start-deployment.sh @@ -5,6 +5,14 @@ set -e +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" +if [[ -f "$SCRIPT_DIR/../lib/deployment/dotenv.sh" ]]; then + # shellcheck disable=SC1090 + source "$SCRIPT_DIR/../lib/deployment/dotenv.sh" + load_deployment_env --repo-root "$PROJECT_ROOT" +fi + echo "==========================================" echo " Trustless Bridge Deployment" echo "==========================================" @@ -22,20 +30,10 @@ if ! command -v forge &> /dev/null; then fi echo "✓ Foundry installed" -# Check .env file -if [ ! -f .env ]; then - echo "✗ Error: .env file not found" - exit 1 -fi -echo "✓ .env file exists" - -# Load environment -source .env 2>/dev/null || true - # Check required variables MISSING=0 for var in PRIVATE_KEY ETHEREUM_MAINNET_RPC RPC_URL_138 ETHERSCAN_API_KEY; do - if [ -z "${!var}" ] || [ "${!var}" == "0x..." ] || [ "${!var}" == "your_etherscan_api_key" ]; then + if [ -z "${!var:-}" ] || [ "${!var:-}" == "0x..." ] || [ "${!var:-}" == "your_etherscan_api_key" ]; then echo "✗ $var: Not set" MISSING=1 fi diff --git a/scripts/deployment/sync-chain138-pmm-pools-from-json.sh b/scripts/deployment/sync-chain138-pmm-pools-from-json.sh index 97092ef..c33c10a 100755 --- a/scripts/deployment/sync-chain138-pmm-pools-from-json.sh +++ b/scripts/deployment/sync-chain138-pmm-pools-from-json.sh @@ -62,7 +62,9 @@ command -v jq >/dev/null 2>&1 || { echo "jq is required" >&2; exit 1; } command -v cast >/dev/null 2>&1 || { echo "cast is required" >&2; exit 1; } [[ -n "$DODO_PMM_INTEGRATION_ADDRESS" ]] || { echo "DODO_PMM_INTEGRATION_ADDRESS not set" >&2; exit 1; } [[ -n "$DODO_PMM_PROVIDER_ADDRESS" ]] || { echo "DODO_PMM_PROVIDER_ADDRESS not set" >&2; exit 1; } -[[ "$DRY_RUN" == "1" || -n "${PRIVATE_KEY:-}" ]] || { echo "PRIVATE_KEY not set (required unless DRY_RUN=1)" >&2; exit 1; } +if [[ "$DRY_RUN" != "1" ]]; then + require_private_key_env || exit 1 +fi CHAIN_GAS_PRICE="${CHAIN_GAS_PRICE:-1000000000}" TX_TIMEOUT_SECONDS="${TX_TIMEOUT_SECONDS:-120}" POST_CREATE_POLL_SECONDS="${POST_CREATE_POLL_SECONDS:-20}" @@ -149,8 +151,8 @@ failed=0 CURRENT_NONCE="" if [[ "$DRY_RUN" != "1" ]]; then - DEPLOYER_ADDRESS="$(cast wallet address --private-key "$PRIVATE_KEY" 2>/dev/null || true)" - [[ -n "$DEPLOYER_ADDRESS" ]] || { echo "Failed to derive deployer address from PRIVATE_KEY" >&2; exit 1; } + DEPLOYER_ADDRESS="$(derive_deployer_address || true)" + [[ -n "$DEPLOYER_ADDRESS" ]] || { echo "ERROR: Could not derive DEPLOYER_ADDRESS from PRIVATE_KEY." >&2; exit 1; } fi rpc_call() { diff --git a/scripts/deployment/verify-contract-etherscan.sh b/scripts/deployment/verify-contract-etherscan.sh index 25ac21c..6bcae24 100755 --- a/scripts/deployment/verify-contract-etherscan.sh +++ b/scripts/deployment/verify-contract-etherscan.sh @@ -24,19 +24,10 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi - -# Load environment variables -if [ -f "$PROJECT_ROOT/.env" ]; then - source "$PROJECT_ROOT/.env" -else - log_error "Error: .env file not found" - exit 1 -fi - log_info "=== Etherscan Contract Verification ===" if [ -z "$ETHERSCAN_API_KEY" ]; then - log_error "Error: ETHERSCAN_API_KEY not set in .env" + log_error "ERROR: ETHERSCAN_API_KEY not available. Set it in smom-dbis-138/.env or repo .env." exit 1 fi diff --git a/scripts/deployment/verify-contract-ownership.sh b/scripts/deployment/verify-contract-ownership.sh index cd23c06..c13a237 100755 --- a/scripts/deployment/verify-contract-ownership.sh +++ b/scripts/deployment/verify-contract-ownership.sh @@ -26,15 +26,11 @@ fi # Get deployer address -if [ -z "${PRIVATE_KEY:-}" ]; then - echo "Error: PRIVATE_KEY not set in .env" +DEPLOYER="$(require_deployer_address || true)" +if [[ -z "$DEPLOYER" ]]; then exit 1 fi -PRIVATE_KEY_FIXED="${PRIVATE_KEY}" -[[ "$PRIVATE_KEY_FIXED" != 0x* ]] && PRIVATE_KEY_FIXED="0x${PRIVATE_KEY_FIXED}" -DEPLOYER=$(cast wallet address "$PRIVATE_KEY_FIXED" 2>/dev/null | head -1) - echo "==========================================" echo "Contract Ownership Verification" echo "==========================================" @@ -185,4 +181,3 @@ fi echo "==========================================" echo "Ownership Verification Complete" echo "==========================================" - diff --git a/scripts/deployment/verify-contracts-parallel.sh b/scripts/deployment/verify-contracts-parallel.sh index ec073e6..ed11f56 100755 --- a/scripts/deployment/verify-contracts-parallel.sh +++ b/scripts/deployment/verify-contracts-parallel.sh @@ -25,18 +25,10 @@ elif [[ -n "${REPO_ROOT:-}" && -f "$REPO_ROOT/.env" ]]; then set +a fi -# Load environment variables -if [ ! -f .env ]; then - log_error "Error: .env file not found" - echo "Please create .env file with required variables" - exit 1 -fi - -source .env - # Check required variables +RPC_URL="${RPC_URL:-${RPC_URL_138:-${CHAIN138_RPC_URL:-}}}" if [ -z "$RPC_URL" ]; then - log_error "Error: RPC_URL not set in .env" + log_error "ERROR: Chain 138 RPC not available. Set RPC_URL, RPC_URL_138, or CHAIN138_RPC_URL." exit 1 fi @@ -90,7 +82,7 @@ CONTRACTS=( for contract_info in "${CONTRACTS[@]}"; do IFS=':' read -r env_var name <<< "$contract_info" - address="${!env_var}" + address="${!env_var:-}" if [ -n "$address" ]; then output_file="${TEMP_DIR}/${env_var}.out" @@ -132,4 +124,3 @@ else log_error "❌ ${FAILED} out of ${TOTAL} contract(s) failed verification" exit 1 fi - diff --git a/scripts/deployment/verify-env.sh b/scripts/deployment/verify-env.sh index c2dd5d7..a63836f 100755 --- a/scripts/deployment/verify-env.sh +++ b/scripts/deployment/verify-env.sh @@ -148,6 +148,13 @@ fi echo +log_info "External Dependency Blockers:" +if ! bash "$PROJECT_ROOT/scripts/verify/check-external-dependencies.sh" --advisory; then + true +fi + +echo + # Optional Configuration log_info "Optional Configuration:" if [ -n "${AZURE_CLIENT_ID:-}" ]; then @@ -200,4 +207,3 @@ else info "Run: ./scripts/deployment/populate-env.sh to complete setup" exit 1 fi - diff --git a/scripts/lib/deployment/dotenv.sh b/scripts/lib/deployment/dotenv.sh index 9f34a4a..d022b01 100644 --- a/scripts/lib/deployment/dotenv.sh +++ b/scripts/lib/deployment/dotenv.sh @@ -12,6 +12,77 @@ _LIB_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" [[ -z "${PROJECT_ROOT:-}" ]] && PROJECT_ROOT="$(cd "$_LIB_DIR/../../.." && pwd)" source "$_LIB_DIR/../forge-scope.sh" +_dep_dotenv_source() { + local f="$1" + [[ -f "$f" ]] || return 0 + local had_nounset=0 + if [[ $- == *u* ]]; then + had_nounset=1 + set +u + fi + set -a + # shellcheck disable=SC1090 + source "$f" + set +a + (( had_nounset )) && set -u +} + +_dep_export_from_private_key() { + [[ -n "${DEPLOYER_ADDRESS:-}" || -z "${PRIVATE_KEY:-}" ]] && return 0 + command -v cast >/dev/null 2>&1 || return 0 + local deployer_addr + deployer_addr="$(cast wallet address "$PRIVATE_KEY" 2>/dev/null || true)" + [[ -n "$deployer_addr" ]] || return 0 + export DEPLOYER_ADDRESS="$deployer_addr" + export DEPLOYER="${DEPLOYER:-$deployer_addr}" +} + +normalize_private_key_env() { + [[ -n "${PRIVATE_KEY:-}" ]] || return 0 + if [[ "${PRIVATE_KEY#0x}" == "$PRIVATE_KEY" ]]; then + export PRIVATE_KEY="0x$PRIVATE_KEY" + fi +} + +require_private_key_env() { + local hint="${1:-Set PRIVATE_KEY in smom-dbis-138/.env, repo .env, or ~/.secure-secrets/private-keys.env.}" + normalize_private_key_env + if [[ -z "${PRIVATE_KEY:-}" ]]; then + echo "ERROR: PRIVATE_KEY not available. $hint" >&2 + return 1 + fi + return 0 +} + +derive_deployer_address() { + if [[ -n "${DEPLOYER_ADDRESS:-}" ]]; then + printf '%s\n' "$DEPLOYER_ADDRESS" + return 0 + fi + normalize_private_key_env + if [[ -z "${PRIVATE_KEY:-}" ]]; then + return 1 + fi + command -v cast >/dev/null 2>&1 || return 1 + local deployer_addr + deployer_addr="$(cast wallet address "$PRIVATE_KEY" 2>/dev/null || true)" + [[ -n "$deployer_addr" ]] || return 1 + export DEPLOYER_ADDRESS="$deployer_addr" + export DEPLOYER="${DEPLOYER:-$deployer_addr}" + printf '%s\n' "$deployer_addr" +} + +require_deployer_address() { + local deployer_addr + require_private_key_env "${1:-Set PRIVATE_KEY in smom-dbis-138/.env, repo .env, or ~/.secure-secrets/private-keys.env.}" || return 1 + deployer_addr="$(derive_deployer_address || true)" + if [[ -z "$deployer_addr" ]]; then + echo "ERROR: Could not derive DEPLOYER_ADDRESS from PRIVATE_KEY." >&2 + return 1 + fi + printf '%s\n' "$deployer_addr" +} + # Preferred .env: ENV_FILE if set and readable; else PROJECT_ROOT/.env (repo root). load_deployment_env() { local root="${PROJECT_ROOT}" @@ -24,17 +95,9 @@ load_deployment_env() { export PROJECT_ROOT="$root" local dotenv="${root}/.env" [[ -n "${ENV_FILE:-}" && -f "${ENV_FILE}" ]] && dotenv="${ENV_FILE}" - if [[ -f "$dotenv" ]]; then - local had_nounset=0 - if [[ $- == *u* ]]; then - had_nounset=1 - set +u - fi - set -a - # shellcheck disable=SC1090 - source "$dotenv" - set +a - (( had_nounset )) && set -u + _dep_dotenv_source "$dotenv" + if [[ -z "${ENV_FILE:-}" ]]; then + _dep_dotenv_source "${root}/smom-dbis-138/.env" fi local secure_secrets_file="${SECURE_SECRETS_FILE:-$HOME/.secure-secrets/private-keys.env}" if [[ -f "$secure_secrets_file" ]]; then @@ -65,11 +128,17 @@ load_deployment_env() { if [[ -z "${PRIVATE_KEY:-}" && -n "${DEPLOYER_PRIVATE_KEY:-}" ]]; then export PRIVATE_KEY="$DEPLOYER_PRIVATE_KEY" fi + normalize_private_key_env + _dep_export_from_private_key + export CHAIN_651940_RPC_URL="${CHAIN_651940_RPC_URL:-${ALL_MAINNET_RPC:-}}" + export CHAIN_651940_RPC="${CHAIN_651940_RPC:-${CHAIN_651940_RPC_URL:-${ALL_MAINNET_RPC:-}}}" + export ALLTRA_MAINNET_RPC="${ALLTRA_MAINNET_RPC:-${ALL_MAINNET_RPC:-${CHAIN_651940_RPC_URL:-${CHAIN_651940_RPC:-}}}}" # Trailing CR/LF on RPC URL lines breaks cast/curl; strip common RPC vars after load. local _k _v for _k in RPC_URL_138 RPC_URL CHAIN138_RPC ETHEREUM_MAINNET_RPC GNOSIS_MAINNET_RPC GNOSIS_RPC \ CRONOS_RPC_URL CRONOS_RPC CELO_MAINNET_RPC CELO_RPC BSC_RPC_URL POLYGON_MAINNET_RPC \ - BASE_MAINNET_RPC OPTIMISM_MAINNET_RPC ARBITRUM_MAINNET_RPC AVALANCHE_RPC_URL WEMIX_RPC WEMIX_MAINNET_RPC; do + BASE_MAINNET_RPC OPTIMISM_MAINNET_RPC ARBITRUM_MAINNET_RPC AVALANCHE_RPC_URL WEMIX_RPC WEMIX_MAINNET_RPC \ + ALL_MAINNET_RPC ALLTRA_MAINNET_RPC CHAIN_651940_RPC CHAIN_651940_RPC_URL; do _v="${!_k:-}" [[ -z "$_v" ]] && continue _v="${_v%$'\r'}"