# Contract Deployment Environment Setup Guide **Last Updated**: 2025-01-27 **Status**: Active **Purpose**: Contract deployment and testing environment configuration ## Overview This guide covers the environment variables and configuration required for deploying and testing the contracts. > **Related Documentation**: > - [Network Configuration Guide](NETWORK_CONFIGURATION_GUIDE.md) - For Besu network configuration > - [Azure/Cloudflare Environment Setup](AZURE_CLOUDFLARE_ENV_SETUP.md) - For Azure and Cloudflare environment variables ## Environment Variables ### Required Variables #### Deployer Configuration - `PRIVATE_KEY` - Private key of the deployer account (without 0x prefix) #### CCIP Configuration - `CCIP_ROUTER` - CCIP Router address on your chain - `CCIP_FEE_TOKEN` - LINK token address for paying CCIP fees #### WETH Configuration (Optional) - `WETH9_ADDRESS` - WETH9 contract address (if not deploying new one) - `WETH10_ADDRESS` - WETH10 contract address (if not deploying new one) #### Deployment Flags - `DEPLOY_WETH9` - Set to `true` to deploy WETH9 - `DEPLOY_WETH10` - Set to `true` to deploy WETH10 - `DEPLOY_BRIDGES` - Set to `true` to deploy CCIP bridges #### Oracle Configuration (Optional) - `ORACLE_DESCRIPTION` - Oracle description (e.g., "ETH/USD Price Feed") - `ORACLE_HEARTBEAT` - Oracle heartbeat in seconds (default: 60) - `ORACLE_DEVIATION_THRESHOLD` - Oracle deviation threshold in basis points (default: 50) #### MultiSig Configuration (Optional) - `MULTISIG_OWNER_1` - MultiSig owner address 1 - `MULTISIG_OWNER_2` - MultiSig owner address 2 - `MULTISIG_OWNER_3` - MultiSig owner address 3 - `MULTISIG_REQUIRED` - Number of required signatures (must be <= number of owners) ### Optional Variables #### RPC Configuration - `RPC_URL` - RPC URL for deployment (default: http://localhost:8545) - `CHAIN_ID` - Chain ID (default: 138) #### Verification Configuration - `ETHERSCAN_API_KEY` - Etherscan API key for contract verification - `BLOCKSCOUT_API_KEY` - Blockscout API key for contract verification ## Examples ### Example: Complete .env File for Contract Deployment ```bash # Deployer Configuration PRIVATE_KEY=0x1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef # CCIP Configuration CCIP_ROUTER=0x1234567890123456789012345678901234567890 CCIP_FEE_TOKEN=0x0987654321098765432109876543210987654321 # WETH Configuration (Optional - if not deploying new) WETH9_ADDRESS=0xabcdefabcdefabcdefabcdefabcdefabcdefabcd WETH10_ADDRESS=0xfedcbafedcbafedcbafedcbafedcbafedcba # Deployment Flags DEPLOY_WETH9=true DEPLOY_WETH10=true DEPLOY_BRIDGES=true # Oracle Configuration ORACLE_DESCRIPTION="ETH/USD Price Feed" ORACLE_HEARTBEAT=60 ORACLE_DEVIATION_THRESHOLD=50 # MultiSig Configuration MULTISIG_OWNER_1=0x1111111111111111111111111111111111111111 MULTISIG_OWNER_2=0x2222222222222222222222222222222222222222 MULTISIG_OWNER_3=0x3333333333333333333333333333333333333333 MULTISIG_REQUIRED=2 # RPC Configuration RPC_URL=http://localhost:8545 CHAIN_ID=138 # Verification ETHERSCAN_API_KEY=your-etherscan-api-key BLOCKSCOUT_API_KEY=your-blockscout-api-key ``` ### Example: Minimal .env File ```bash # Minimum required for basic deployment PRIVATE_KEY=0x1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef RPC_URL=http://localhost:8545 CHAIN_ID=138 ``` ## Setup Instructions ### 1. Create .env File ```bash # Copy example file cp .env.example .env # Edit .env file with your values nano .env ``` ### 2. Configure Variables Fill in the required variables in `.env`: ```bash # Deployer private key (required) PRIVATE_KEY=your_private_key_here # CCIP Router address (required) CCIP_ROUTER=0x... # LINK token address (required) CCIP_FEE_TOKEN=0x... # Deployment flags (optional) DEPLOY_WETH9=true DEPLOY_WETH10=true DEPLOY_BRIDGES=true ``` ### 3. Verify Configuration ```bash # Check if variables are set source .env echo $PRIVATE_KEY echo $CCIP_ROUTER echo $CCIP_FEE_TOKEN ``` ### 4. Test Configuration ```bash # Test deployment script (dry run) forge script script/DeployWETH.s.sol:DeployWETH --rpc-url $RPC_URL -vvvv ``` ## Security Best Practices ### 1. Private Key Management - **Never commit .env to version control** - Use environment variables in production - Use hardware wallets for production deployments - Rotate private keys regularly - Store sensitive credentials in Azure Key Vault or similar ### 2. Environment Variables - Use separate .env files for different environments (dev, staging, production) - Never hardcode credentials in code - Use secure key management services - Rotate credentials regularly ### 3. Access Control - Limit access to .env files - Use least privilege principle - Monitor access to sensitive credentials - Use multi-factor authentication ## Deployment Scripts ### Scripts Requiring PRIVATE_KEY - `Deploy.s.sol` - Main deployment script - `DeployWETH.s.sol` - WETH deployment - `DeployWETH10.s.sol` - WETH10 deployment - `DeployCCIPWETH9Bridge.s.sol` - CCIPWETH9Bridge deployment - `DeployCCIPWETH10Bridge.s.sol` - CCIPWETH10Bridge deployment - `DeployWETHWithCCIP.s.sol` - Combined WETH + CCIP deployment - `DeployOracle.s.sol` - Oracle deployment - `DeployMulticall.s.sol` - Multicall deployment - `DeployMultiSig.s.sol` - MultiSig deployment ### Scripts Requiring Additional Variables - `DeployCCIPWETH9Bridge.s.sol` - Requires CCIP_ROUTER, WETH9_ADDRESS, CCIP_FEE_TOKEN - `DeployCCIPWETH10Bridge.s.sol` - Requires CCIP_ROUTER, WETH10_ADDRESS, CCIP_FEE_TOKEN - `DeployWETHWithCCIP.s.sol` - Requires CCIP_ROUTER, CCIP_FEE_TOKEN, DEPLOY_WETH9, DEPLOY_WETH10, DEPLOY_BRIDGES - `DeployMultiSig.s.sol` - Requires MULTISIG_OWNER_1, MULTISIG_OWNER_2, MULTISIG_OWNER_3, MULTISIG_REQUIRED ## Testing ### Test Configuration Tests don't require environment variables - they use mock contracts and test fixtures. ### Running Tests ```bash # Run all tests forge test # Run specific test forge test --match-test testSendCrossChain # Run with verbose output forge test -vvvv ``` ## Troubleshooting ### Common Issues 1. **Missing Environment Variables** - Error: `Error: Missing environment variable: PRIVATE_KEY` - Solution: Create .env file and set PRIVATE_KEY 2. **Invalid Private Key** - Error: `Error: Invalid private key format` - Solution: Ensure private key is hex format without 0x prefix 3. **Invalid Address** - Error: `Error: Invalid address format` - Solution: Ensure addresses are valid Ethereum addresses 4. **Missing CCIP Router** - Error: `Error: CCIP_ROUTER not set` - Solution: Set CCIP_ROUTER in .env file 5. **Missing Fee Token** - Error: `Error: CCIP_FEE_TOKEN not set` - Solution: Set CCIP_FEE_TOKEN in .env file ## References - [Foundry Documentation](https://book.getfoundry.sh/) - [Chainlink CCIP Documentation](https://docs.chain.link/ccip) - [WETH Deployment Guide](docs/WETH_CCIP_DEPLOYMENT.md) - [Azure/Cloudflare Environment Setup](AZURE_CLOUDFLARE_ENV_SETUP.md)