Support

## Setting the Stage: Cross-Chain Token Deployment Goals Our primary objective is to prepare and deploy smart contracts onto live testnets. This will allow us to thoroughly test the cross-chain functionality, specifically focusing on sending tokens between different blockchain networks. The deployment strategy involves two key testnets: * **On Sepolia Testnet:** * Deploy a `Vault` contract. * Deploy a `RebaseToken` contract. * Deploy an associated `TokenPool` contract for the `RebaseToken`. * **On zkSync Sepolia Testnet:** * Deploy another distinct token contract. * Deploy an associated `TokenPool` contract for this second token. The ultimate aim of these deployments is to enable and verify the process of bridging tokens from the Sepolia testnet over to the zkSync Sepolia testnet. ## Compiling Your Contracts: Initial Build and Debugging in Foundry Before we can deploy, it's essential to ensure all our smart contracts and accompanying deployment scripts compile successfully. We'll use Foundry for this critical step. To initiate the build process, execute the following command in your terminal: ```bash forge build ``` During an initial build attempt, you might encounter compilation errors. For instance, a common issue is related to data location for struct variables in Solidity scripts: ``` Compiler run failed: Error (6651): Data location must be "storage", "memory" or "calldata" for variable, but none was given. --> script/BridgeTokens.s.sol:28:9: | 28 | Client.EVM2AnyMessage message = Client.EVM2AnyMessage({ | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ``` This error message clearly indicates that the `message` variable, which is of type `Client.EVM2AnyMessage` (a struct), was declared without specifying its data location (e.g., `memory`, `storage`, or `calldata`). To resolve this, you need to modify the script file, in this case, `script/BridgeTokens.s.sol`. The fix involves explicitly adding the `memory` keyword to the struct variable declaration: ```solidity // Original problematic line: // Client.EVM2AnyMessage message = Client.EVM2AnyMessage({ ... }); // Corrected line: Client.EVM2AnyMessage memory message = Client.EVM2AnyMessage({ ... }); ``` After applying such fixes, running `forge build` again should result in the successful compilation of your contracts and scripts. ## Securing Your Setup: RPC URL Configuration and Best Practices When working with live testnets or mainnets, you'll need to configure RPC (Remote Procedure Call) endpoints. These are typically managed in your `foundry.toml` file. It is critically important to handle your RPC URLs with care. **Never share your personal RPC URLs publicly.** The RPC URLs you might see in demonstration videos or tutorials are often temporary and will be deactivated. If your personal RPC URL, especially one tied to an account with real funds or services you pay for, is exposed, it could be misused by malicious actors. This could lead to rate-limiting issues, denial of service, or even attempts to attribute malicious activity to your endpoint. Always protect your RPC URLs like you would any other sensitive credential. ## Navigating Foundry's `via_ir` Compiler and the `vm.warp()` Quirk For projects that utilize Continuous Integration (CI) pipelines, such as GitHub Actions, ensuring consistent behavior across different environments is key. Foundry's `via_ir` compiler option can be relevant here. Enabling `via_ir` instructs the Solidity compiler to generate an intermediate representation (Yul IR) before bytecode generation, which can sometimes affect optimizations or compatibility. You can enable this option by adding the following line to your `foundry.toml` file: ```toml # foundry.toml # ... via_ir = true # ... ``` However, there's a known issue: Foundry's `vm.warp()` cheatcode, which is invaluable for testing time-dependent logic by manipulating `block.timestamp`, may not function as expected when `via_ir` is enabled. This discrepancy is documented in the Foundry GitHub repository, specifically under an issue titled "vm.warp() does not work as intended when via_ir = true" (e.g., `github.com/foundry-rs/foundry/issues/8102`). This bug can cause tests that rely heavily on `vm.warp` to pass locally (where `via_ir` might be off by default) but fail in a CI environment if `via_ir` is active there. ## Crafting Robust Tests: Workarounds for the `via_ir` and `vm.warp()` Interaction Given the potential conflict between `via_ir` and `vm.warp()`, adjustments to your test files, particularly those involving time manipulation, may be necessary. Let's consider an example within `test/CrossChain.t.sol`. Tests that use `vm.warp` and then immediately assert state changes that depend on the warped timestamp can be problematic. For instance, checking a `userInterestRate` before a `vm.warp` and expecting it to remain unchanged relative to a pre-warp stored value on a *remote* contract after the warp can lead to failures when `via_ir` is active. The workaround strategy involves making your tests less sensitive to the exact timing behavior around `vm.warp` when `via_ir` is enabled: 1. **Refactor Assertions Around `vm.warp`:** In helper functions or test setups where `vm.warp` is used, avoid storing local variables that capture state (like an interest rate) *before* the `vm.warp` and then asserting their equality with a *remote* state *after* the `vm.warp`. For example, lines like these within a `bridgeTokens` helper function were identified as sources of potential issues and were removed or refactored: ```solidity // Problematic pattern when via_ir is enabled: // uint256 localUserInterestRate = localToken.getUserInterestRate(user); // Value before vm.warp // ... // vm.warp(block.timestamp + 20 minutes); // Time is warped // ... // // This assertion might fail due to via_ir affecting how state is perceived post-warp // assertEq(remoteToken.getUserInterestRate(user), localUserInterestRate); ``` 2. **Adjust Fee Handling (Optional Optimization):** While not directly a fix for the `vm.warp` issue, inlining fee calculations or variables directly into function calls rather than storing them in intermediate local variables can sometimes simplify logic and reduce potential points of failure, though this is more of a general refactoring tip. 3. **Restructure Assertion Logic:** Instead of making fine-grained assertions around `vm.warp` calls within helper functions, shift these critical checks. For instance, verify interest rates or other key states on the source chain and the destination chain independently *after* the entire cross-chain operation has completed within your main test function (e.g., `testBridgeAllTokens`). This approach focuses on the end-to-end correctness rather than intermediate state consistency that might be affected by the `via_ir` and `vm.warp` interaction. After implementing these test modifications to enhance robustness against the `via_ir` and `vm.warp()` behavior, running `forge build` should once again succeed. It's important to note that with these test adjustments, enabling `via_ir` might not be strictly "needed" for a local build to pass if it wasn't failing before. However, these changes ensure better compatibility and reliability if `via_ir` *is* used, for example, in a GitHub CI environment. ## Final Considerations for `via_ir` and Test Stability If you intend to use the `via_ir` compiler option, perhaps for its optimization benefits or to match a CI environment, implementing the aforementioned workarounds in your test suite becomes crucial. These changes, focused on how local variables are used around `vm.warp` and how assertions are structured, are key to maintaining test reliability. It's worth noting that some workarounds suggested in community discussions or GitHub issues (such as using `vm.getBlockTimestamp()` as an alternative way to fetch the current timestamp in tests) might not resolve the issue in all specific scenarios; the effectiveness can vary. For a more in-depth understanding of this particular Foundry bug and its related discussions, consulting the primary GitHub issue (`#8102`) and any linked issues (e.g., `#3806`, `#4934`, `#6180`) on the `foundry-rs/foundry` repository is highly recommended. These resources provide context and track the progress of potential fixes. By addressing these build and testing nuances, your project will be better prepared for successful deployment and robust cross-chain functionality verification.

Build Scripts

An in-depth walkthrough to Mastering Cross-Chain Foundry Deployments and `via_ir` Test Stability - Prepare your smart contracts for cross-chain deployment across testnets like Sepolia and zkSync, focusing on successful compilation and secure RPC setup. Dive into resolving the `via_ir` and `vm.warp()` testing conflict in Foundry to ensure your CI pipelines run smoothly with robust tests.

Course Overview

About the course

What you'll learn

Advanced smart contract development

How to develop a stablecoin

How to develop a DeFi protocol

How to develop a DAO

Advanced smart contracts testing

Fuzz testing

Manual verification

Course Description

Who is this course for?

Engineers
Smart Contract Security researchers

Potential Careers

Web3 Developer Relations

$85,000 - $125,000 (avg. salary)

Web3 developer

$60,000 - $150,000 (avg. salary)

Smart Contract Engineer

$100,000 - $150,000 (avg. salary)

Smart Contract Auditor

$100,000 - $200,000 (avg. salary)

Security researcher

$49,999 - $120,000 (avg. salary)

Meet your instructors

Patrick Collins

Founder at Cyfrin

Web3 engineer, educator, and Cyfrin co-founder. Patrick's smart contract development and security courses have helped hundreds of thousands of engineers kickstarting their careers into web3.

Ciara Nightingale

Developer relations at Cyfrin

Guest lecturers:

Juliette Chevalier

Lead Developer relations at Aragon

Vasiliy Gualoto

Developer relations at ThirdWeb

Nader Dabit

Director of developer relations at EigenLayer

Ally Haire

Developer relations at Protocol Labs

Harrison

Founder at GasliteGG

Vitto Rivabella

CPO at Cyfrin

Last updated on June 10, 2025

Thanks for checking us out

Start learning for free

Start for free

Solidity Smart Contract Developer Advanced Foundry

Section 1: Develop an ERC20 Crypto Currency

Duration: 36min

Section 2: Develop an NFTs Collection

Duration: 3h 06min

Section 3: Develop a DeFi Protocol

Duration: 5h 02min

Section 4: Cross Chain Rebase Token

Duration: 6h 02min

1. Introduction

A comprehensive masterclass to Building Cross-Chain Rebase Tokens with Foundry and Chainlink CCIP - Learn to design, implement, and deploy interest-accruing rebase tokens across chains using Foundry and Chainlink CCIP. Covers burn-and-mint logic, advanced fork testing with local CCIP simulation, and automated deployment scripts. Duration: 3min

2. What Is-a-rebase-token

An essential guide to Demystifying Rebase Tokens and Elastic Supply - Grasp how rebase tokens use an elastic supply to algorithmically alter your balance, demystifying unexpected changes in your crypto holdings. You'll explore their core mechanics, types, contrast with standard tokens, and see how Aave's aTokens work, including a peek into their smart contract logic. Duration: 2min

3. Rebase Token-code-structure

A strategic guide to Blueprinting Your Single-Chain Rebase Token - Initialize your Foundry project and establish a clean development environment for your smart contracts. Then, architect the core functionalities of a single-chain rebase token, defining its dynamic balance system and a unique, decreasing global interest rate model to incentivize early users. Duration: 9min

4. Writing The-rebase-token-contract

A conceptual guide to Writing Your First Rebase Token in Solidity - Discover how to build an ERC20-based Rebase Token in Solidity, allowing user balances to automatically grow via accrued interest. This lesson details setting up global and user-specific interest rates, overriding `balanceOf` for dynamic balance reflection, and minting new tokens as interest. Duration: 33min

5. Mintinterest And-burn-functions

A comprehensive deep-dive to Solidity Rebase Tokens: Managing Dynamic Balances and Interest - Explore how to implement `_mintAccruedInterest` to ensure accurate reflection of accrued interest in user balances before any token operations. You'll learn to build `mint` and `burn` functions for rebase tokens, incorporating `type(uint256).max` for full balance interactions and adhering to Solidity best practices. Duration: 9min

6. Finish Rebase-token-contract

An in-depth lesson to Completing Your Rebase Token Smart Contract - Finalize your custom RebaseToken by overriding OpenZeppelin ERC20 functions like `balanceOf` and `transfer` for accurate interest accrual. Explore the `totalSupply` trade-off, add new utility functions, and identify the next vital step: implementing robust access control. Duration: 16min

7. Access Control

An implementer's guide to Securing Your RebaseToken: Implementing Access Control in Solidity - Learn to fortify your `RebaseToken` by integrating OpenZeppelin's `Ownable` for simple owner control and `AccessControl` for fine-grained, role-based permissions. You'll implement `onlyOwner` and `onlyRole` modifiers, define custom roles, and manage their assignment for critical functions. Duration: 12min

8. Quiz 10 Quiz

Questions: 9

9. Vault And-natspec

A practical guide to Building a Secure Rebase Vault with Effective Solidity Practices - Learn to construct a `Vault` contract managing ETH deposits and `RebaseToken` minting/burning, with secure interactions via Solidity interfaces and the CEI pattern. This lesson also covers vital Solidity practices: correct NatSpec comments, the `receive()` ETH function, and indexed event parameters for efficient tracking. Duration: 14min

10. Rebase Token-tests-part-1

A practical walkthrough to Foundry Test Environment Setup for Rebase Tokens - Configure your Foundry test environment to test `RebaseToken` and `Vault` contracts, focusing on the `setup` function for deployments, type casting, and role assignments using `vm.prank`. You'll also begin writing a fuzz test for linear interest, utilizing `bound` for inputs and `vm.deal` for user balances. Duration: 11min

11. Rebase Token-test-part-2

A strategic guide to Bulletproofing Rebase Tokens with Advanced Foundry Fuzzing - Explore advanced Foundry fuzz testing techniques to ensure rebase token robustness, covering input optimization with `bound`, rigorous testing of interest accrual, and validation of redeem/transfer logic. Learn to effectively debug common pitfalls like truncation and overflows, and enhance security through comprehensive access control tests and `forge coverage`. Duration: 43min

12. Vulnerabilities And-cross-chain-intro

A critical review to Rebase Token Vulnerabilities and Cross-Chain Token Primer with CCIP - Dissect design flaws in `RebaseToken.sol` such as interest rate manipulation and unintended compounding. Gain an overview of cross-chain token bridging and the Chainlink Cross-Chain Interoperability Protocol (CCIP). Duration: 6min

13. Bridging

An insightful journey into Understanding Blockchain Bridges: Connecting Isolated Networks - Discover how blockchain bridges serve as vital connectors between disparate networks, learn essential bridging terminology, and understand their necessity in Web3. You'll explore the mechanics behind asset transfers like lock-and-mint, differentiate between native/third-party and centralized/decentralized bridges, and grasp key security practices. Duration: 8min

14. Quiz 11 Quiz

Questions: 7

15. CCIP

A practical guide to Unlocking Cross-Chain Communication with Chainlink CCIP - Learn to bridge blockchains using Chainlink CCIP, mastering its architecture for secure data and token transfers. You'll explore its multi-layered security, including the Risk Management Network, and send your first cross-chain message. Duration: 12min

16. The CCT Standard

An implementer's guide to Chainlink's CCT Standard & Foundry for Cross-Chain Tokens - Master Chainlink's Cross-Chain Token (CCT) Standard, enabling permissionless, developer-owned token pools with enhanced security and programmable transfers. This guide details deploying a Burn & Mint token on testnets using Foundry, from configuration to transfer. Duration: 13min

17. Circle CCTP

An essential guide to Bridging Blockchains with Circle's CCTP - Understand how Circle's Cross-Chain Transfer Protocol (CCTP) enables seamless native USDC movement between networks using its burn-and-mint process, eliminating wrapped token vulnerabilities. You'll explore its architecture, standard vs. fast transfers, and a step-by-step Ethers.js implementation. Duration: 12min

18. Quiz 12 Quiz

Questions: 8

19. Pool Contract

An in-depth walkthrough to Enabling Cross-Chain Rebase Tokens with Chainlink CCIP: A Custom Token Pool Guide - Learn to create a custom Chainlink CCIP token pool in Foundry for rebase tokens, enabling "Burn & Mint" cross-chain functionality. This guide details implementing `lockOrBurn` and `releaseOrMint` to preserve user-specific interest rates. Duration: 31min

20. Finish Pool Contract

A practical debugging walkthrough to Debugging and Finalizing Your RebaseTokenPool Contract - Resolve common Solidity compilation errors in your `RebaseTokenPool` contract and tests using `forge build`. You'll learn to fix incorrect import paths, update function argument calls, and correct the misuse of `abi.decode` for a successful compilation. Duration: 1min

21. Chainlink Local-and-fork-tests

A developer's guide to Mastering Local CCIP Testing with Foundry and Chainlink Local - Set up Foundry to manage multiple local blockchain forks like Sepolia and Arbitrum Sepolia using RPC aliases and cheatcodes such as `vm.createSelectFork` and `vm.makePersistent`. You'll then bridge these forks by deploying Chainlink Local's `CCIPLocalSimulatorFork`, enabling seamless local testing of CCIP message relay. Duration: 11min

22. Deploy Token-test

A practical primer to Deploying Your First Cross-Chain Tokens with Chainlink CCIP in Foundry - Configure your Foundry test environment to simulate Sepolia and Arbitrum Sepolia, deploying `RebaseToken` on both and a `Vault` on the source chain for Chainlink CCIP. Learn to use `vm.createFork`, `vm.selectFork`, and `vm.startPrank` for these initial cross-chain contract deployments. Duration: 4min

23. CCIP Setup-test

An indispensable primer to Setting Up Your CCIP Test Environment in Foundry - Establish your Chainlink CCIP testing grounds in Foundry by deploying key contracts like RebaseToken and TokenPools on forked Sepolia and Arbitrum Sepolia networks. This guide covers troubleshooting type errors, using `CCIPLocalSimulatorFork` to get network specifics, and configuring token permissions and pool links. Duration: 11min

24. Configure Pool-test

An essential setup guide to Activating Cross-Chain CCIP Token Transfers via Pool Configuration - Learn the critical `applyChainUpdates` process to configure Chainlink CCIP Token Pools, enabling them for cross-chain burn & mint operations. This guide shows how to implement this in Foundry, managing local/remote chain settings and `ChainUpdate` structs. Duration: 10min

25. Bridge Function-test

A comprehensive walkthrough to Building a Reusable `bridgeTokens` Test for Chainlink CCIP in Foundry - Discover how to implement a flexible `bridgeTokens` test function in Foundry for validating cross-chain token movements with Chainlink CCIP. This lesson covers `EVM2AnyMessage` creation, fee handling via `CCIPLocalSimulatorFork`, and end-to-end transfer verification. Duration: 21min

26. Quiz 26 Quiz

Questions: 5

27. First Cross-chain-test

An in-depth guide to Testing Cross-Chain Rebase Token Bridging - Master the complexities of testing cross-chain rebase token bridging between Sepolia and Arbitrum Sepolia forks using Foundry and the Chainlink CCIP Local Simulator. You'll handle intricate setup, implement `bridgeTokens`, manage CCIP fees, and simulate message routing. Duration: 11min

28. Vault Deployment-script

A practical guide to Crafting Your Foundry Deployment Script for the Vault Contract - Learn to write a `VaultDeployer.s.sol` script using Foundry, covering essential imports, the `run()` function, and deployment with `vm.startBroadcast`. This lesson shows how to deploy a `Vault` contract, grant it token mint/burn roles, and return the deployed contract instance. Duration: 4min

29. Token And-pool-deployer

A streamlined deployment guide to Automating Token and Pool Deployment for Chainlink CCIP with Foundry - Learn to craft a `Deployer.s.sol` Foundry script for deploying a custom `RebaseToken` and its `RebaseTokenPool`. You'll also automate the essential Chainlink CCIP configurations to enable Burn & Mint token transfers in a local development environment. Duration: 9min

30. Pool Config-script

An essential tutorial to Crafting the `ConfigurePool.s.sol` Script for CCIP Token Pool Configuration - Master building a Foundry script (`ConfigurePool.s.sol`) to configure deployed `TokenPool` contracts for CCIP operations. You'll learn to use `applyChainUpdates`, prepare `ChainUpdate` structs with rate limiters, and ABI-encode addresses for robust cross-chain setup. Duration: 8min

31. Bridging Script

A comprehensive walkthrough to Crafting a Foundry Script for CCIP Token Bridging - Learn to create the `BridgeTokens.s.sol` script for sending ERC20 tokens cross-chain via Chainlink CCIP without data payloads. This guide details constructing the `EVM2AnyMessage`, handling fees, approving tokens, and executing `ccipSend`. Duration: 13min

32. Build Scripts

33. Run Scripts-on-testnet

A step-by-step deployment guide to Deploying Your Cross-Chain Application to Testnets - Deploy contracts to Ethereum Sepolia & ZKsync Sepolia testnets, covering testnet LINK acquisition and using bash scripts (`forge create`/`cast send`) for ZKsync due to Foundry script limitations. Configure your environment with `.env` and Foundry keystore, troubleshoot deployments, and verify cross-chain CCIP transactions. Duration: 15min

34. Cross Chain-message-sucess

A detailed breakdown to Mastering Cross-Chain Token Transfers: A CCIP Case Study with Rebase Tokens (RBT) - Get a detailed breakdown of verifying a Rebase Token (RBT) cross-chain transfer via Chainlink CCIP from Ethereum Sepolia to ZKsync Sepolia. Master using the CCIP Explorer to interpret transaction details and confirm token receipt in Metamask on the ZKsync Sepolia network. Duration: 3min

35. Outro

An architectural review of Mastering Cross-Chain Rebase Tokens: A Comprehensive Recap - Revisit the complete architecture of a cross-chain rebase token, including `RebaseToken` mechanics, `Vault` interactions, and CCIP integration. Discover how Foundry scripts automate deployment and testing, culminating in a live cross-chain transaction. Duration: 3min

36. Quiz 13 Quiz