d-bis/smom-dbis-138
4
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity
Files
c3d4c786fa73f26c0e4aebbcc2e1539f5f21e8aa
smom-dbis-138/docs/deployment/DEPLOYMENT_CREDENTIALS.md

7.9 KiB
Raw Blame History

Deployment Credentials Guide

Overview

This guide covers all required credentials and environment variables for deploying the contracts.

Required Environment Variables

1. Deployer Configuration

PRIVATE_KEY (Required)

  • Description: Private key of the deployer account (without 0x prefix)
  • Usage: Used by all deployment scripts
  • Security: NEVER commit to version control
  • Example: PRIVATE_KEY=your_private_key_here

2. CCIP Configuration

CCIP_ROUTER (Required)

  • Description: CCIP Router address on your chain
  • Usage: Used by CCIP bridge deployment scripts
  • Example: CCIP_ROUTER=0x0000000000000000000000000000000000000000

CCIP_FEE_TOKEN (Required)

  • Description: LINK token address for paying CCIP fees
  • Usage: Used by CCIP bridge deployment scripts
  • Example: CCIP_FEE_TOKEN=0x0000000000000000000000000000000000000000

3. WETH Configuration (Optional)

WETH9_ADDRESS (Optional)

  • Description: WETH9 contract address (if not deploying new one)
  • Usage: Used by CCIPWETH9Bridge deployment script
  • Example: WETH9_ADDRESS=0x0000000000000000000000000000000000000000

WETH10_ADDRESS (Optional)

  • Description: WETH10 contract address (if not deploying new one)
  • Usage: Used by CCIPWETH10Bridge deployment script
  • Example: WETH10_ADDRESS=0x0000000000000000000000000000000000000000

4. Deployment Flags (Optional)

DEPLOY_WETH9 (Optional)

  • Description: Set to true to deploy WETH9
  • Usage: Used by DeployWETHWithCCIP script
  • Example: DEPLOY_WETH9=true

DEPLOY_WETH10 (Optional)

  • Description: Set to true to deploy WETH10
  • Usage: Used by DeployWETHWithCCIP script
  • Example: DEPLOY_WETH10=true

DEPLOY_BRIDGES (Optional)

  • Description: Set to true to deploy CCIP bridges
  • Usage: Used by DeployWETHWithCCIP script
  • Example: DEPLOY_BRIDGES=true

5. Oracle Configuration (Optional)

ORACLE_DESCRIPTION (Optional)

  • Description: Oracle description (e.g., "ETH/USD Price Feed")
  • Usage: Used by DeployOracle script
  • Default: ETH/USD Price Feed
  • Example: ORACLE_DESCRIPTION=ETH/USD Price Feed

ORACLE_HEARTBEAT (Optional)

  • Description: Oracle heartbeat in seconds
  • Usage: Used by DeployOracle script
  • Default: 60
  • Example: ORACLE_HEARTBEAT=60

ORACLE_DEVIATION_THRESHOLD (Optional)

  • Description: Oracle deviation threshold in basis points
  • Usage: Used by DeployOracle script
  • Default: 50 (0.5%)
  • Example: ORACLE_DEVIATION_THRESHOLD=50

6. MultiSig Configuration (Optional)

MULTISIG_OWNER_1 (Optional)

  • Description: MultiSig owner address 1
  • Usage: Used by DeployMultiSig script
  • Example: MULTISIG_OWNER_1=0x0000000000000000000000000000000000000001

MULTISIG_OWNER_2 (Optional)

  • Description: MultiSig owner address 2
  • Usage: Used by DeployMultiSig script
  • Example: MULTISIG_OWNER_2=0x0000000000000000000000000000000000000002

MULTISIG_OWNER_3 (Optional)

  • Description: MultiSig owner address 3
  • Usage: Used by DeployMultiSig script
  • Example: MULTISIG_OWNER_3=0x0000000000000000000000000000000000000003

MULTISIG_REQUIRED (Optional)

  • Description: Number of required signatures (must be <= number of owners)
  • Usage: Used by DeployMultiSig script
  • Example: MULTISIG_REQUIRED=2

7. RPC Configuration (Optional)

RPC_URL (Optional)

  • Description: RPC URL for deployment
  • Usage: Used by all deployment scripts
  • Default: http://localhost:8545
  • Example: RPC_URL=http://localhost:8545

CHAIN_ID (Optional)

  • Description: Chain ID
  • Usage: Used for chain verification
  • Default: 138
  • Example: CHAIN_ID=138

8. Verification Configuration (Optional)

ETHERSCAN_API_KEY (Optional)

  • Description: Etherscan API key for contract verification
  • Usage: Used for contract verification on Etherscan
  • Example: ETHERSCAN_API_KEY=your_etherscan_api_key_here

BLOCKSCOUT_API_KEY (Optional)

  • Description: Blockscout API key for contract verification
  • Usage: Used for contract verification on Blockscout
  • Example: BLOCKSCOUT_API_KEY=your_blockscout_api_key_here

Setup Instructions

1. Create .env File

# Copy example file
cp .env.example .env

# Edit .env file with your values
nano .env

2. Configure Variables

Fill in the required variables in .env:

# Deployer private key (required)
PRIVATE_KEY=your_private_key_here

# CCIP Router address (required)
CCIP_ROUTER=0x...

# LINK token address (required)
CCIP_FEE_TOKEN=0x...

# Deployment flags (optional)
DEPLOY_WETH9=true
DEPLOY_WETH10=true
DEPLOY_BRIDGES=true

3. Verify Configuration

# Check if variables are set
source .env
echo $PRIVATE_KEY
echo $CCIP_ROUTER
echo $CCIP_FEE_TOKEN

4. Test Configuration

# Test deployment script (dry run)
forge script script/DeployWETH.s.sol:DeployWETH --rpc-url $RPC_URL -vvvv

Security Best Practices

1. Private Key Management

  • Never commit .env to version control
  • Use environment variables in production
  • Use hardware wallets for production deployments
  • Rotate private keys regularly
  • Store sensitive credentials in Azure Key Vault or similar

2. Environment Variables

  • Use separate .env files for different environments (dev, staging, production)
  • Never hardcode credentials in code
  • Use secure key management services
  • Rotate credentials regularly

3. Access Control

  • Limit access to .env files
  • Use least privilege principle
  • Monitor access to sensitive credentials
  • Use multi-factor authentication

Deployment Scripts

Scripts Requiring PRIVATE_KEY

  • Deploy.s.sol - Main deployment script
  • DeployWETH.s.sol - WETH deployment
  • DeployWETH10.s.sol - WETH10 deployment
  • DeployCCIPWETH9Bridge.s.sol - CCIPWETH9Bridge deployment
  • DeployCCIPWETH10Bridge.s.sol - CCIPWETH10Bridge deployment
  • DeployWETHWithCCIP.s.sol - Combined WETH + CCIP deployment
  • DeployOracle.s.sol - Oracle deployment
  • DeployMulticall.s.sol - Multicall deployment
  • DeployMultiSig.s.sol - MultiSig deployment

Scripts Requiring Additional Variables

  • DeployCCIPWETH9Bridge.s.sol - Requires CCIP_ROUTER, WETH9_ADDRESS, CCIP_FEE_TOKEN
  • DeployCCIPWETH10Bridge.s.sol - Requires CCIP_ROUTER, WETH10_ADDRESS, CCIP_FEE_TOKEN
  • DeployWETHWithCCIP.s.sol - Requires CCIP_ROUTER, CCIP_FEE_TOKEN, DEPLOY_WETH9, DEPLOY_WETH10, DEPLOY_BRIDGES
  • DeployMultiSig.s.sol - Requires MULTISIG_OWNER_1, MULTISIG_OWNER_2, MULTISIG_OWNER_3, MULTISIG_REQUIRED

Testing

Test Configuration

Tests don't require environment variables - they use mock contracts and test fixtures.

Running Tests

# Run all tests
forge test

# Run specific test
forge test --match-test testSendCrossChain

# Run with verbose output
forge test -vvvv

Troubleshooting

Common Issues

  1. Missing Environment Variables

    • Error: Error: Missing environment variable: PRIVATE_KEY
    • Solution: Create .env file and set PRIVATE_KEY

  2. Invalid Private Key

    • Error: Error: Invalid private key format
    • Solution: Ensure private key is hex format without 0x prefix

  3. Invalid Address

    • Error: Error: Invalid address format
    • Solution: Ensure addresses are valid Ethereum addresses

  4. Missing CCIP Router

    • Error: Error: CCIP_ROUTER not set
    • Solution: Set CCIP_ROUTER in .env file

  5. Missing Fee Token

    • Error: Error: CCIP_FEE_TOKEN not set
    • Solution: Set CCIP_FEE_TOKEN in .env file

References

Reference in New Issue View Git Blame Copy Permalink