Skip to content

Commit

Permalink
Adding hardhat for deployment scripts (testnet and mainnet) (#13)
Browse files Browse the repository at this point in the history
This PR adds deployment scripts that use OZ defender (relayer and admin) to deploy and upgrade the DidRegistry contract. Using defender for our deployments allows us to avoid having to place any private keys in environment variables.


---------
Authored-by: Robert Leonard 
Reviewed-by: Martin Riedel
  • Loading branch information
Robert-H-Leonard authored Sep 20, 2023
1 parent c03a44d commit 54d8d98
Show file tree
Hide file tree
Showing 13 changed files with 505 additions and 1 deletion.
57 changes: 57 additions & 0 deletions .github/workflows/mainnet-deployment-upgrade.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
name: bnb-main-deployment-upgrade

on:
workflow_dispatch:

env:
DEFENDER_KEY: ${{ secrets.DEFENDER_KEY }}
DEFENDER_SECRET: ${{ secrets.DEFENDER_SECRET }}
DEFENDER_RELAY_KEY: ${{ secrets.DEFENDER_BNB_RELAY_KEY }}
DEFENDER_RELAY_SECRET: ${{ secrets.DEFENDER_BNB_RELAY_SECRET }}
EXPLORER_API_KEY: ${{ secrets.BNB_EXPLORER_API_KEY }}
DID_REGISTRY_PROXY_ADDRESS: ${{ secrets.DID_REGISTRY_PROXY_ADDRESS }}
GNOSIS_ADDRESS: ${{ secrets.GNOSIS_ADDRESS }}
BNB_TESTNET_RPC_URL: ${{ secrets.BNB_TESTNET_RPC_URL }}
BNB_RPC_URL: ${{ secrets.BNB_RPC_URL }}

jobs:
check:
strategy:
fail-fast: true

name: Bnb testnet deployment
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
submodules: recursive

- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly

- name: Install Forge Dependencies
run: |
forge install openzeppelin-contracts-upgradeable=OpenZeppelin/openzeppelin-contracts-upgradeable --no-commit
id: install-dependency-contracts

- name: Run Forge build
run: |
forge --version
forge build --sizes
id: build

- name: Set Node.js 16.x
uses: actions/setup-node@v3
with:
node-version: 16.x

- name: Install hardhat dependencies
run: |
npm install
id: install-hardhat-dependencies

- name: Run deployment script
run: npm run mainnet-upgrade-and-verify-contract
id: upgrade-and-verify
57 changes: 57 additions & 0 deletions .github/workflows/mainnet-deployment.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
name: bnb-main-deployment

on:
workflow_dispatch:

env:
DEFENDER_KEY: ${{ secrets.DEFENDER_KEY }}
DEFENDER_SECRET: ${{ secrets.DEFENDER_SECRET }}
DEFENDER_RELAY_KEY: ${{ secrets.DEFENDER_BNB_RELAY_KEY }}
DEFENDER_RELAY_SECRET: ${{ secrets.DEFENDER_BNB_RELAY_SECRET }}
EXPLORER_API_KEY: ${{ secrets.BNB_EXPLORER_API_KEY }}
DID_REGISTRY_PROXY_ADDRESS: ${{ secrets.DID_REGISTRY_PROXY_ADDRESS }}
GNOSIS_ADDRESS: ${{ secrets.GNOSIS_ADDRESS }}
BNB_TESTNET_RPC_URL: ${{ secrets.BNB_TESTNET_RPC_URL }}
BNB_RPC_URL: ${{ secrets.BNB_RPC_URL }}

jobs:
check:
strategy:
fail-fast: true

name: Bnb testnet deployment
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
submodules: recursive

- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly

- name: Install Forge Dependencies
run: |
forge install openzeppelin-contracts-upgradeable=OpenZeppelin/openzeppelin-contracts-upgradeable --no-commit
id: install-dependency-contracts

- name: Run Forge build
run: |
forge --version
forge build --sizes
id: build

- name: Set Node.js 16.x
uses: actions/setup-node@v3
with:
node-version: 16.x

- name: Install hardhat dependencies
run: |
npm install
id: install-hardhat-dependencies

- name: Run deployment script
run: npm run mainnet-deploy-and-verify-contract
id: deploy-and-verify
59 changes: 59 additions & 0 deletions .github/workflows/testnet-deployment-upgrade.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
name: bnb-testnet-upgrade-deployment

on:
push:
branches:
- main

env:
DEFENDER_KEY: ${{ secrets.DEFENDER_KEY }}
DEFENDER_SECRET: ${{ secrets.DEFENDER_SECRET }}
DEFENDER_RELAY_KEY: ${{ secrets.DEFENDER_BNB_TESTNET_RELAY_KEY }}
DEFENDER_RELAY_SECRET: ${{ secrets.DEFENDER_BNB_TESTNET_RELAY_SECRET }}
EXPLORER_API_KEY: ${{ secrets.BNB_EXPLORER_API_KEY }}
DID_REGISTRY_PROXY_ADDRESS: ${{ secrets.DID_REGISTRY_PROXY_ADDRESS }}
GNOSIS_ADDRESS: ${{ secrets.GNOSIS_ADDRESS }}
BNB_TESTNET_RPC_URL: ${{ secrets.BNB_TESTNET_RPC_URL }}
BNB_RPC_URL: ${{ secrets.BNB_RPC_URL }}

jobs:
check:
strategy:
fail-fast: true

name: Bnb testnet deployment
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
submodules: recursive

- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly

- name: Install Forge Dependencies
run: |
forge install openzeppelin-contracts-upgradeable=OpenZeppelin/openzeppelin-contracts-upgradeable --no-commit
id: install-dependency-contracts

- name: Run Forge build
run: |
forge --version
forge build --sizes
id: build

- name: Set Node.js 16.x
uses: actions/setup-node@v3
with:
node-version: 16.x

- name: Install hardhat dependencies
run: |
npm install
id: install-hardhat-dependencies

- name: Run deployment script
run: npm run testnet-upgrade-and-verify-contract
id: upgrade-and-verify
59 changes: 59 additions & 0 deletions .github/workflows/testnet-deployment.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
name: bnb-testnet-deployment

on:
push:
branches:
- main

env:
DEFENDER_KEY: ${{ secrets.DEFENDER_KEY }}
DEFENDER_SECRET: ${{ secrets.DEFENDER_SECRET }}
DEFENDER_RELAY_KEY: ${{ secrets.DEFENDER_BNB_TESTNET_RELAY_KEY }}
DEFENDER_RELAY_SECRET: ${{ secrets.DEFENDER_BNB_TESTNET_RELAY_SECRET }}
EXPLORER_API_KEY: ${{ secrets.BNB_EXPLORER_API_KEY }}
DID_REGISTRY_PROXY_ADDRESS: ${{ secrets.DID_REGISTRY_PROXY_ADDRESS }}
GNOSIS_ADDRESS: ${{ secrets.GNOSIS_ADDRESS }}
BNB_TESTNET_RPC_URL: ${{ secrets.BNB_TESTNET_RPC_URL }}
BNB_RPC_URL: ${{ secrets.BNB_RPC_URL }}

jobs:
check:
strategy:
fail-fast: true

name: Bnb testnet deployment
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
submodules: recursive

- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly

- name: Install Forge Dependencies
run: |
forge install openzeppelin-contracts-upgradeable=OpenZeppelin/openzeppelin-contracts-upgradeable --no-commit
id: install-dependency-contracts

- name: Run Forge build
run: |
forge --version
forge build --sizes
id: build

- name: Set Node.js 16.x
uses: actions/setup-node@v3
with:
node-version: 16.x

- name: Install hardhat dependencies
run: |
npm install
id: install-hardhat-dependencies

- name: Run deployment script
run: npm run testnet-deploy-and-verify-contract
id: deploy-and-verify
5 changes: 5 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,12 +1,16 @@
# Compiler files
cache/
cache_hardhat/
artifacts/
out/
node_modules/

# Ignores development broadcast logs
!/broadcast
/broadcast/*/31337/
/broadcast/**/dry-run/

# ts-client files
ts-client/node_modules
ts-client/types
ts-client/yarn.lock
Expand All @@ -15,3 +19,4 @@ ts-client/yarn.lock

# IDE files
.idea/
.vscode/
27 changes: 26 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -175,7 +175,7 @@ Event Emitted: `ControllerRemoved`

## Deployments

- Testnet: [0x75837371D170Bb8E5b74A968aDe00eDeaf59AD56](https://testnet.bscscan.com/address/0x75837371d170bb8e5b74a968ade00edeaf59ad56#code)
- Testnet: [0x88a05b4370BbB90c9F3EEa72A65c77131a7bc18d](https://testnet.bscscan.com/address/0x88a05b4370BbB90c9F3EEa72A65c77131a7bc18d)


## Developer Notes
Expand All @@ -188,3 +188,28 @@ This project uses foundry for writing test. You can run the unit test suite by r
To run the test and get a test coverage report you can run:

`forge coverage`


### Contract deployment
This project uses hardhat scripts in combination with [Openzeppelin defender](https://www.openzeppelin.com/defender) and a multi-sig wallet (both on testnet and mainnet) for contract deployments. All deployment transactions occur through a [relayer](https://docs.openzeppelin.com/defender/v2/manage/relayers) and once deployed ownership of all contracts is transferred to the multi-sig wallet that is also managed in Defender.

#### Bnb testnet
Deployments are automatically triggered on every merge to the `main` branch via a github action and can also be run manually. Before deployments please ensure the relayer has enough testnet BNB. You can get more testnet bnb at [this faucet](https://testnet.bnbchain.org/faucet-smart).

- Relayer address: [0x8785567484518943B3eeB59882Ab9199994d04bF](https://testnet.bscscan.com/address/0x8785567484518943B3eeB59882Ab9199994d04bF)

- DidRegistry proxy address: 0x88a05b4370BbB90c9F3EEa72A65c77131a7bc18d

#### Bnb testnet
Deployments are automatically triggered on every merge to the `main` branch via a github action and can also be run manually. Before deployments please ensure the relayer has enough testnet BNB. You can get more testnet bnb at [this faucet](https://testnet.bnbchain.org/faucet-smart).

- Relayer address: [0x8785567484518943B3eeB59882Ab9199994d04bF](https://testnet.bscscan.com/address/0x8785567484518943B3eeB59882Ab9199994d04bF)

- DidRegistry proxy address: 0x88a05b4370BbB90c9F3EEa72A65c77131a7bc18d

#### Bnb mainnet
Deployments are manually triggered via a github action. Before deployments please ensure the relayer has enough BNB.

- Relayer address: TBD

- DidRegistry proxy address: TBD
12 changes: 12 additions & 0 deletions example.env
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
DEFENDER_KEY=
DEFENDER_SECRET=
DEFENDER_RELAY_KEY=
DEFENDER_RELAY_SECRET=

DID_REGISTRY_PROXY_ADDRESS=
GNOSIS_ADDRESS=

BNB_EXPLORER_API_KEY=

BNB_TESTNET_RPC_URL=
BNB_RPC_URL=
72 changes: 72 additions & 0 deletions hardhat.config.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
import { HardhatUserConfig } from "hardhat/config";
import { config as dotEnvConfig } from "dotenv";
import "@openzeppelin/hardhat-upgrades";
import "@nomicfoundation/hardhat-verify";
import "hardhat-preprocessor";
import fs from "fs";

dotEnvConfig();

// Preprocessor logic is directly from foundry docs: https://book.getfoundry.sh/config/hardhat

function getRemappings() {
return fs
.readFileSync("remappings.txt", "utf8")
.split("\n")
.filter(Boolean) // remove empty lines
.map((line) => line.trim().split("="));
}

const config: HardhatUserConfig = {
solidity: {
version: "0.8.19",
settings: {
optimizer: {
enabled: true,
runs: 200,
},
},
},
defender: {
apiKey: process.env.DEFENDER_KEY!,
apiSecret: process.env.DEFENDER_SECRET!
},
networks: {
testnetBnb: {
url: process.env.BNB_TESTNET_RPC_URL!,
chainId: 97
},
opBnb: {
url: "https://opbnb-testnet-rpc.bnbchain.org",
accounts: [process.env.BNB_TESTNET_PK!]
},
bnbSmartChain: {
url: process.env.BNB_RPC_URL!,
chainId: 56,
}
},
etherscan: {
apiKey: process.env.BNB_EXPLORER_API_KEY!
},
preprocess: {
eachLine: (hre) => ({
transform: (line: string) => {
if (line.match(/^\s*import /i)) {
getRemappings().forEach(([find, replace]) => {
if (line.match(find)) {
line = line.replace(find, replace);
}
});
}
return line;
},
}),
},
paths: {
sources: "./src",
cache: "./cache_hardhat",
},
};


export default config;
Loading

0 comments on commit 54d8d98

Please sign in to comment.