Advanced Foundry - Circle CCTP

Support

## Circle's Cross-Chain Transfer Protocol (CCTP) CCTP is a protocol that facilitates the transfer of USDC across different blockchains. It uses a burn and mint mechanism instead of a traditional lock and unlock mechanism. Here are the steps involved in a standard CCTP transfer: 1. **Initiation:** A user initiates a transfer using a CCTP enabled app and specifies their recipient address on the destination chain. 2. **Burn the Tokens:** The specified USDC amount is burned on the source chain. 3. **Instant Attestation:** Circle's attestation service attests to the burn event (after soft finality) and issues a signed attestation. 4. **Fast Transfer Allowance Backing:** The burned USDC amount is backed by Circle's Fast Transfer allowance until hard finality is reached. This acts as a buffer to protect against reorgs. The Fast Transfer allowance is temporarily debited by the burn amount. 5. **Mint the Tokens:** The app fetches the signed attestation from Circle and uses it to trigger the minting of USDC on the destination chain. An on-chain fee is collected during this process. 6. **Fast Transfer Allowance Replenishment:** Once hard finality is reached, the amount is credited back to Circle's Fast Transfer allowance. 7. **Completion:** The recipient wallet receives the newly minted USDC on the destination chain and the transfer is complete. **CCTP V2 (Fast Transfer)** CCTP V2 offers a faster transfer option that's currently available on testnet. Here are the steps involved: 1. **Initiation:** A user initiates a transfer using a CCTP V2 enabled app and specifies their recipient address on the destination chain. 2. **Burn the Tokens:** The specified USDC amount is burned on the source chain. 3. **Instant Attestation:** Circle's attestation service issues a signed attestation after "soft finality." 4. **Fast Transfer Allowance Backing:** While waiting for hard finality, the burned USDC amount is backed by Circle's Fast Transfer allowance. 5. **Mint the Tokens:** The signed attestation is fetched. USDC is minted to the recipient. An on-chain fee is collected. 6. **Fast Transfer Allowance Replenishment:** Once hard finality is reached, the amount is credited back to the Fast Transfer Allowance. 7. **Completion:** The recipient wallet receives the newly minted USDC on the destination chain. **Code Example** Here's a code example demonstrating the process using ethers.js: ```javascript const ethers = require("ethers"); const dotenv = require("dotenv"); const tokenMessengerAbi = require("../abis/cctp/TokenMessenger.json"); const messageAbi = require("../abis/cctp/Message.json"); const usdcAbi = require("../abis/usdc.json"); const messageTransmitterAbi = require("../abis/cctp/MessageTransmitter.json"); dotenv.config(); const main = async () => { const ethProvider = new ethers.providers.JsonRpcProvider( process.env.TESTNET_ETH_RPC ); const baseProvider = new ethers.providers.JsonRpcProvider( process.env.BASE_TESTNET_RPC ); // Wallets const ethWallet = new ethers.Wallet(process.env.ETH_PRIVATE_KEY, ethProvider); const baseWallet = new ethers.Wallet( process.env.BASE_PRIVATE_KEY, baseProvider ); // Testnet Contract Addresses const ETH_TOKEN_MESSENGER_CONTRACT_ADDRESS = "0x9f886793C72Fef59B4F889444E4156f7b70AA5"; const USDC_ETH_CONTRACT_ADDRESS = "0x1c7D4B196C68b014743fBc611692397987238"; const ETH_MESSAGE_CONTRACT_ADDRESS = "0x80537e4de8AD72D819bba3a81B45ACa087C9"; const BASE_MESSAGE_TRANSMITTER_CONTRACT_ADDRESS = "0x78657A51FC2D6b369d2C0f932eF7AEe91088BEFD"; // Initialize contracts const ethTokenMessenger = new ethers.Contract( ETH_TOKEN_MESSENGER_CONTRACT_ADDRESS, tokenMessengerAbi, ethWallet ); const usdcEth = new ethers.Contract( USDC_ETH_CONTRACT_ADDRESS, usdcAbi, ethWallet ); const ethMessage = new ethers.Contract( ETH_MESSAGE_CONTRACT_ADDRESS, messageAbi, ethWallet ); const baseMessageTransmitter = new ethers.Contract( BASE_MESSAGE_TRANSMITTER_CONTRACT_ADDRESS, messageTransmitterAbi, baseWallet ); const baseDestinationDomain = 6; const destinationAddressInBytes32 = await ethMessage.addressToBytes32( process.env.RECIPIENT_ADDRESS ); const amount = process.env.AMOUNT; // Convert recipient address to bytes32 const mintRecipient = await ethMessage.addressToBytes32( process.env.RECIPIENT_ADDRESS ); // Approve const approveTx = await usdcEth.approve( ETH_TOKEN_MESSENGER_CONTRACT_ADDRESS, amount ); await approveTx.wait(); console.log("ApproveTxReceipt:", approveTx.hash); // Burn USDC const burnTx = await ethTokenMessenger.depositForBurn( amount, baseDestinationDomain, destinationAddressInBytes32, USDC_ETH_CONTRACT_ADDRESS ); await burnTx.wait(); console.log("BurnTxReceipt:", burnTx.hash); // Retrieve message bytes const receipt = await ethProvider.getTransactionReceipt(burnTx.hash); const eventTopic = ethers.utils.id("MessageSent(bytes)"); const log = receipt.logs.find( (l) => l.topics[0] === eventTopic ); const messageBytes = ethers.utils.defaultAbiCoder.decode( ["bytes"], log.data )[0]; console.log("MessageBytes:", messageBytes); const messageHash = ethers.utils.keccak256(messageBytes); console.log("MessageHash:", messageHash); // Fetch attestation signature let attestationResponse = { status: "pending" }; while (attestationResponse.status !== "complete") { const response = await fetch( `https://iris-api-sandbox.circle.com/attestations/${messageHash}` ); attestationResponse = await response.json(); await new Promise((r) => setTimeout(r, 2000)); } const attestationSignature = attestationResponse.attestation; console.log("Signature:", attestationSignature); // Receive funds on BASE const receiveTx = await baseMessageTransmitter.receiveMessage( messageBytes, attestationSignature ); await receiveTx.wait(); console.log("ReceiveTxReceipt:", receiveTx.hash); }; main().catch(console.error); ``` **Security Features** CCTP incorporates several security features to enhance reliability: 1. **Attestation Verification:** Every transaction is verified through the attestation process, ensuring the minted USDC is genuine. 2. **Minter Allowance Limits:** CCTP imposes limits for burning and minting. Circle sets a minter allowance, which specifies the maximum amount of USDC that can be minted. This limit can only be increased by Circle, preventing the burning of USDC on the source chain that cannot be minted on the destination chain. This limit can be queried from the TokenMinter smart contract. 3. **Public Burn Limit Per Message:** CCTP provides a public burn limit per message mapping that can be queried to determine the allowed burn limit for each message. **Use Cases** CCTP enables a number of use cases: * **Fast and Secure Cross-Chain Rebalancing:** Market makers and exchanges can move USDC across chains to optimize liquidity, reduce costs, and react to market shifts. * **Composable Cross-Chain Swaps:** Users can swap assets across blockchains by routing through USDC. * **Programmable Cross-Chain Purchases:** CCTP V2 includes hooks for post-transfer actions after minting occurs, such as purchasing an NFT or staking tokens. **Further Information** For more information on CCTP, please refer to their documentation.

Circle CCTP

A comprehensive guide to Circle's Cross Chain Transfer Protocol or CCTP. The lesson covers the basics of CCTP, a solution for moving USDC across different blockchains, the two transfer methods, standard and fast, as well as the security features of this protocol.

Course Overview

About the course

What you'll learn

Advanced smart contract development

How to develop a stablecoin

How to develop a DeFi protocol

How to develop a DAO

Advanced smart contracts testing

Fuzz testing

Manual verification

Course Description

Who is this course for?

Engineers
Smart Contract Security researchers

Potential Careers

Web3 Developer Relations

$85,000 - $125,000 (avg. salary)

Web3 developer

$60,000 - $150,000 (avg. salary)

Smart Contract Engineer

$100,000 - $150,000 (avg. salary)

Smart Contract Auditor

$100,000 - $200,000 (avg. salary)

Security researcher

$49,999 - $120,000 (avg. salary)

Meet your instructors

Patrick Collins

Founder at Cyfrin

Web3 engineer, educator, and Cyfrin co-founder. Patrick's smart contract development and security courses have helped hundreds of thousands of engineers kickstarting their careers into web3.

Guest lecturers:

Juliette Chevalier

Lead Developer relations at Aragon

Ciara Nightingale

Developer relations at Thirdweb

Vasiliy Gualoto

Developer relations at Cyfrin

Nader Dabit

Director of developer relations at Avara

Ally Haire

Developer relations at Protocol Labs

Harrison

Founder at GasliteGG

Vitto Rivabella

Lead Developer relations at Cyfrin

Last updated on March 11, 2025

Thanks for checking us out

Start learning for free

Start for free

Solidity Developer

Advanced Foundry

Section 1: Develop an ERC20 Crypto Currency

Duration: 36min

Section 2: Develop an NFTs Collection

Duration: 3h 06min

Section 3: Develop a DeFi Protocol

Duration: 5h 02min

Section 4: Cross Chain Rebase Token

Duration: 6h 02min

1. Introduction

A comprehensive guide to building cross-chain rebased tokens. This lesson covers the fundamentals of creating a rebased token and explores advanced functionalities like using the 'super' keyword, advanced testing with fork tests and more. Duration: 3min

2. What Is-a-rebase-token

A simple explainer to rebase tokens - This lesson covers the basic concepts of rebase tokens and how they differ from typical cryptocurrencies. We'll also explore some real-world examples including Aave, and how rebase tokens are used in DeFi. Duration: 2min

3. Rebase Token-code-structure

A detailed guide to building a cross-chain rebase token. This lesson covers the basics of rebase tokens, including how to design a contract that accrues interest dynamically, how to set an individual interest rate for users, and how to update the global interest rate. Duration: 9min

4. Writing The-rebase-token-contract

A complete guide to creating a rebase token - This lesson covers creating a rebase token smart contract by inheriting the ERC20 contract from OpenZeppelin, setting the global interest rate, creating a mint function to mint accrued interest, and creating a balance of function to calculate the balance of the user, including the interest that has accrued since the last time the user balance was updated. Duration: 33min

5. Mintinterest And-burn-functions

A comprehensive guide to creating mint and burn functions for a rebase token - This lesson covers the creation of a mintAccruedInterest function to mint interest earned to the user's balance. It then explores the concept of dust and the creation of a burn function to address this. Duration: 9min

6. Finish Rebase-token-contract

A comprehensive guide to finishing a rebase token smart contract. The lesson covers overriding important functions within OpenZeppelin's ERC20 contract for a rebase token, including transfer, transferFrom, and totalSupply. Also, the lesson shows how to implement access control to a setInterestRate function that allows for interest rate to only decrease. Duration: 16min

7. Access Control

A technical guide to Access Control in Solidity - Learn about how to implement access control in your Solidity smart contracts using OpenZeppelin's Ownable contract, which allows for a single owner to control the contract. This guide also touches on using OpenZeppelin's AccessControl contract, which allows for granting various roles to different accounts. Duration: 12min

8. Vault And-natspec

A comprehensive guide to building a Vault contract in Solidity. This lesson covers the fundamentals of creating a Vault contract, including how to pass in the token address to the constructor, create deposit and redeem functions, add rewards to the vault, implement a receive() function, and utilize interfaces to interact with other contracts. Duration: 14min

9. Rebase Token-tests-part-1

A comprehensive guide to creating a rebase token test in Solidity using Foundry. The lesson covers the process of creating a new test file, importing dependencies, writing a basic setup function, and finally deploying the test. It then demonstrates how to interact with the rebase token to create a deposit and redeem. This lesson also introduces fuzz testing to ensure that the rebase token functions correctly under a wide range of inputs. Duration: 11min

10. Rebase Token-test-part-2

A complete guide to testing a rebase token in Solidity. This lesson covers the important aspects of testing your rebase token, including linear interest, the ability to redeem, and the ability to transfer tokens to another chain. Duration: 43min

11. Vulnerabilities And-cross-chain-intro

A basic guide to rebase tokens and cross-chain - This lesson covers a practical example of a rebase token with cross-chain features built into the design, including two main design flaws that were addressed. Learn what these design flaws are, how to implement cross-chain transfers, and how to bridge your tokens cross-chain. Duration: 6min

12. Bridging

A comprehensive introduction to blockchain bridges. This lesson covers what a blockchain bridge is, how they work, the different types of bridges, and the benefits of cross-chain interoperability. Duration: 8min

13. Ccip

A comprehensive guide to Chainlink CCIP - This lesson covers the basic functionality of Chainlink CCIP, the decentralized framework for secure cross-chain messaging. It teaches you how to send a message and some tokens across chains via CCIP with detailed explanations and examples. Duration: 12min

14. The Cct-standard

A comprehensive guide to the Chainlink CCIP Cross Chain Token Standard. This lesson will cover the basics of the standard, two main reasons it was built, a quick architectural overview, and a demonstration of deploying a cross-chain token using the Chainlink CCIP tutorials. Duration: 13min

15. Circle CCTP New

16. Pool Contract

Duration: 31min

17. Finish Pool-contract

A technical guide to finishing the pool contract in a Solidity smart contract project. The lesson covers how to finish building a smart contract pool, including how to use the proper file paths in the import statements, and how to properly pass arguments to the function when setting interest rates. Duration: 1min

18. Chainlink Local-and-fork-tests

A practical guide to Chainlink local and fork tests. The lesson covers the basics of setting up a Chainlink local test environment, including installing the necessary dependencies, importing the CCIP local simulator, creating forks, and deploying your contracts. Duration: 11min

19. Deploy Token-test

A comprehensive guide to deploying your first Cross Chain Token using Chainlink CCIP. This tutorial takes you step by step through deploying your tokens on both the source and destination chains using Foundry, and configuring the mint and burn permissions for your tokens to use CCIP for cross-chain transfers. Duration: 4min

20. Ccip Setup-test

Duration: 11min

21. Configure Pool-test

A detailed guide to configuring token pools using CCIP in Solidity. The lesson covers the basics of using the `applyChainUpdates` function inside of the `TokenPool` library to enable cross-chain communication between Sepolia and Arbitrum Sepolia. It also covers importing the `RateLimiter` library to configure rate limits for the token pool. Duration: 10min

22. Bridge Function-test

A comprehensive guide to cross-chain token transfers using CCIP - This lesson explores the process of cross-chain token transfers, covering the steps involved in creating the necessary EVM2AnyMessage struct, interacting with the router to get the fee, and finally, sending the tokens across chains. Duration: 21min

23. First Cross-chain-test

A comprehensive guide to creating a cross-chain token using Chainlink. The lesson dives into the world of cross-chain communication using Chainlink, demonstrating how to build a smart contract to bridge tokens across different blockchains. The lesson covers setting up a development environment, creating forks, configuring token pools, and bridging tokens in a step-by-step approach. Duration: 11min

24. Vault Deployment-script

A comprehensive guide to deploying a Vault smart contract using Forge. The lesson explains the process of building a deployer script that automatically sets the permissions necessary for CCIP and demonstrates how to call the functions to properly deploy the Vault and grant the required permissions. Duration: 4min

25. Token And-pool-deployer

A comprehensive guide to deploying a rebase token and a rebase token pool using Chainlink CCIP on a local simulator fork. This lesson covers creating a Solidity script that first deploys a rebase token, then deploys a rebase token pool, then configures the Chainlink CCIP network, and finally grants the newly deployed token pool the mint and burn role. Duration: 9min

26. Pool Config-script

A comprehensive guide to configuring pools in a CCIP rebase token project. The lesson covers the creation of Solidity scripts for pool configuration, including how to import necessary contracts and libraries, define functions, and set up rate limiter configurations. Duration: 8min

27. Bridging Script

A comprehensive guide to bridging tokens with ccip on zkSync - The lesson covers the process of creating a Solidity smart contract to bridge tokens from a Sepolia network to a zkSync Sepolia network, with a focus on using the ccip protocol for cross chain communications. Duration: 13min

28. Build Scripts

A comprehensive guide to building cross-chain scripts for token rebasing - This lesson explains the process of building cross-chain scripts for token rebasing, including deploying contracts, testing, and deploying to a live test net. The lesson also includes important information regarding potential issues that may occur with using a 'via_ir' variable in Foundry to test scripts. Duration: 4min

29. Run Scripts-on-testnet

A practical guide to testing and deploying a rebase token across chains using Chainlink’s CCIP. The video covers how to create a rebase token, deploy it on a test network, and use Chainlink’s CCIP to bridge it across chains, along with helpful tips for overcoming potential hurdles. Duration: 15min

30. Cross Chain-message-sucess

A complete walkthrough to creating a rebase token and enabling it for cross-chain transfers! This lesson covers the details of creating a rebase token, deploying it to a testnet, and sending the rebase token across chains. Duration: 3min

31. Outro

A comprehensive recap of the rebase token project. The lesson covers the basics of setting up a rebase token, deploying contracts on Sepolia, and sending tokens cross chain. Duration: 3min

Section 5: Airdrop and Signatures

Duration: 2h 47min

Section 6: Upgradeable Smart Contracts

Duration: 1h 23min

Section 7: Account Abstraction

Duration: 4h 28min

Section 8: DAOs

Duration: 1h 19min

Section 9: Security

Duration: 1h 10min