Support

## Setting Up Your Foundry Test Environment for Rebase Tokens To begin testing your Solidity smart contracts, particularly a `RebaseToken` and `Vault` system, we'll use the Foundry testing framework. Foundry tests are written in Solidity files that conventionally end with `.t.sol`. First, create your test file, for instance, `test/RebaseToken.t.sol`. Every Solidity file should start with an SPDX license identifier and the pragma directive specifying the compiler version: ```solidity // SPDX-License-Identifier: MIT pragma solidity ^0.8.24; ``` Next, import the necessary components. For our rebase token tests, we need: * `Test` and `console` from `forge-std/Test.sol`: These provide Foundry's core testing utilities and a console logging feature. * `RebaseToken` and `Vault`: The smart contracts we intend to test, imported from their respective locations (e.g., `../src/RebaseToken.sol`). * `IRebaseToken`: An interface for our `RebaseToken`. This is crucial because our `Vault` contract's constructor will expect an `IRebaseToken` type. Your import block will look something like this: ```solidity import {Test, console} from "forge-std/Test.sol"; import {RebaseToken} from "../src/RebaseToken.sol"; import {Vault} from "../src/Vault.sol"; import {IRebaseToken} from "../src/interfaces/IRebaseToken.sol"; ``` ## Defining Your Test Contract and Initial State Foundry tests are structured within a contract that inherits from the imported `Test` contract. Inside this test contract, we'll declare state variables to hold instances of our deployed contracts and define standard addresses for actors like an owner and a user. ```solidity contract RebaseTokenTest is Test { RebaseToken private rebaseToken; Vault private vault; address public owner = makeAddr("owner"); address public user = makeAddr("user"); // Setup function and test functions will follow } ``` Here, `rebaseToken` and `vault` will store the deployed contract instances. We use Foundry's `makeAddr(string)` cheatcode to create deterministic addresses labeled "owner" and "user". This is useful for consistently setting up test scenarios. ## The `setup` Function: Deploying Contracts and Initial Configuration Foundry provides a special function named `setup`, which is executed before each test function (any function prefixed with `test...`). This is the ideal place to deploy your contracts and perform any initial configurations required for your tests. Our `setup` function will handle: 1. Deploying the `RebaseToken`. 2. Deploying the `Vault`, ensuring correct type casting for its constructor argument. 3. Granting the `Vault` contract the necessary permissions to mint and burn `RebaseToken`s. 4. Simulating initial collateral or rewards by sending ETH to the `Vault`. ```solidity function setup() public { // Impersonate the 'owner' address for deployments and role granting vm.startPrank(owner); rebaseToken = new RebaseToken(); // Deploy Vault: requires IRebaseToken. // Direct casting (IRebaseToken(rebaseToken)) is invalid. // Correct way: cast rebaseToken to address, then to IRebaseToken. vault = new Vault(IRebaseToken(address(rebaseToken))); // Grant the MINT_AND_BURN_ROLE to the Vault contract. // The grantMintAndBurnRole function expects an address. rebaseToken.grantMintAndBurnRole(address(vault)); // Send 1 ETH to the Vault to simulate initial funds. // The target address must be cast to 'payable'. (bool success, ) = payable(address(vault)).call{value: 1 ether}(""); // It's good practice to handle the success flag, though omitted for brevity here. // Stop impersonating the 'owner' vm.stopPrank(); } ``` **Key Points on Type Casting and Interactions:** * **Interface Casting:** When the `Vault` constructor expects an `IRebaseToken` and you have a `RebaseToken` instance, you must first cast the instance to its `address` and then wrap it with the interface: `IRebaseToken(address(rebaseToken))`. * **Address Casting:** When a function (like `grantMintAndBurnRole`) expects an `address` and you have a contract instance (`vault`), cast it using `address(vault)`. * **Payable Casting for Sending ETH:** To send ETH using a low-level `.call`, the recipient address (e.g., `address(vault)`) must be cast to `payable`. * **Pranking:** `vm.startPrank(address)` makes all subsequent contract calls originate from the specified address. `vm.stopPrank()` reverts to the default test contract address as the caller. This is essential for testing access control. ## Writing Your First Fuzz Test: Verifying Linear Interest Accrual With the setup complete, we can start writing test cases. We'll begin by testing if the `RebaseToken` accrues interest linearly over time after a user deposits. This test will also introduce **fuzz testing**. Fuzz testing involves calling a function with a wide range of automatically generated inputs to discover edge cases or unexpected behavior. In Foundry, you enable fuzzing by adding parameters to your test function. ```solidity // Test if interest accrues linearly after a deposit. // 'amount' will be a fuzzed input. function testDepositLinear(uint256 amount) public { // Constrain the fuzzed 'amount' to a practical range. // Min: 0.00001 ETH (1e5 wei), Max: type(uint96).max to avoid overflows. amount = bound(amount, 1e5, type(uint96).max); // 1. User deposits 'amount' ETH vm.startPrank(user); // Actions performed as 'user' vm.deal(user, amount); // Give 'user' the 'amount' of ETH to deposit // TODO: Implement deposit logic: // vault.deposit{value: amount}(); // Example // 2. TODO: Check initial rebase token balance for 'user' // uint256 initialBalance = rebaseToken.balanceOf(user); // 3. TODO: Warp time forward and check balance again // uint256 timeDelta = 1 days; // Example // vm.warp(block.timestamp + timeDelta); // uint256 balanceAfterFirstWarp = rebaseToken.balanceOf(user); // uint256 interestFirstPeriod = balanceAfterFirstWarp - initialBalance; // 4. TODO: Warp time forward by the same amount and check balance again // vm.warp(block.timestamp + timeDelta); // Warp by another 'timeDelta' // uint256 balanceAfterSecondWarp = rebaseToken.balanceOf(user); // uint256 interestSecondPeriod = balanceAfterSecondWarp - balanceAfterFirstWarp; // TODO: Assert that interestFirstPeriod == interestSecondPeriod for linear accrual. // assertEq(interestFirstPeriod, interestSecondPeriod, "Interest accrual is not linear"); vm.stopPrank(); // Stop impersonating 'user' } ``` **Explanation of Fuzzing Setup:** * **Fuzzed Parameter:** `uint256 amount` in the function signature tells Foundry to run this test multiple times with different random values for `amount`. * **`bound(variable, min, max)`:** This Foundry cheatcode constrains the fuzzed `amount` to a meaningful range (between 100,000 wei and `uint96.max`). This is more effective than `vm.assume` for setting input boundaries as it guides the fuzzer. * **User Actions:** * `vm.startPrank(user)`: Simulates the `user` performing the deposit. * `vm.deal(user, amount)`: A cheatcode to give the `user` address the specified `amount` of ETH, ensuring they have funds for the fuzzed deposit. * **Test Logic Outline:** The comments outline the steps: deposit, check balance, advance time (using `vm.warp`), check balance again, advance time by the same interval, and finally, assert that the interest accrued in both periods is equal for linear growth. ## Key Foundry Cheatcodes and Best Practices Encountered Throughout this initial setup, we've utilized several powerful Foundry cheatcodes and encountered important Solidity practices: **Foundry Cheatcodes Used:** * `vm.startPrank(address)`: Execute subsequent calls as if originating from `address`. * `vm.stopPrank()`: Revert `msg.sender` to the test contract's address. * `makeAddr(string)`: Creates a deterministic, labeled address for testing. * `vm.deal(address, amount)`: Sets the ETH balance of `address` to `amount`. * `bound(variable, min, max)`: Constrains a fuzzed input `variable` to the range `[min, max]`. * Low-level `.call{value: ethAmount}("")`: A way to send ETH to an address, especially to trigger `receive` or `fallback` functions. **Important Solidity and Testing Practices:** * **Type Casting for Interoperability:** * When a contract instance needs to be passed as an interface type: `InterfaceType(address(contractInstance))`. * When a contract instance needs to be passed as an address: `address(contractInstance)`. * When sending ETH via low-level calls, the target address must be cast to `payable`: `payable(address)`. * **Handling Low-Level Call Returns:** Functions like `.call`, `.send`, and `.transfer` return a boolean indicating success. It's crucial to handle this return value, at least by assigning it to a variable to avoid compiler warnings. In production code, you should explicitly check this boolean. ```solidity (bool success, bytes memory data) = target.call{value: amount}(""); require(success, "ETH transfer failed"); ``` * **Levels of Testing:** While this tutorial combines unit and fuzz testing for efficiency, remember that comprehensive testing often involves: * **Unit Tests:** Testing individual functions in isolation. * **Fuzz Tests:** Testing functions with a wide range of inputs. * **Integration Tests:** Testing how multiple contracts interact, or how contracts interact with off-chain scripts. By following these setup steps and understanding these core concepts, you're well on your way to writing robust tests for your `RebaseToken` system using Foundry. The next steps will involve completing the `testDepositLinear` logic and adding more test cases for other functionalities.

Rebase Token-tests-part-1

A practical walkthrough to Foundry Test Environment Setup for Rebase Tokens - Configure your Foundry test environment to test `RebaseToken` and `Vault` contracts, focusing on the `setup` function for deployments, type casting, and role assignments using `vm.prank`. You'll also begin writing a fuzz test for linear interest, utilizing `bound` for inputs and `vm.deal` for user balances.

Course Overview

About the course

What you'll learn

Advanced smart contract development

How to develop a stablecoin

How to develop a DeFi protocol

How to develop a DAO

Advanced smart contracts testing

Fuzz testing

Manual verification

Course Description

Who is this course for?

Engineers
Smart Contract Security researchers

Potential Careers

Web3 Developer Relations

$85,000 - $125,000 (avg. salary)

Web3 developer

$60,000 - $150,000 (avg. salary)

Smart Contract Engineer

$100,000 - $150,000 (avg. salary)

Smart Contract Auditor

$100,000 - $200,000 (avg. salary)

Security researcher

$49,999 - $120,000 (avg. salary)

Meet your instructors

Patrick Collins

Founder at Cyfrin

Web3 engineer, educator, and Cyfrin co-founder. Patrick's smart contract development and security courses have helped hundreds of thousands of engineers kickstarting their careers into web3.

Ciara Nightingale

Developer relations at Cyfrin

Guest lecturers:

Juliette Chevalier

Lead Developer relations at Aragon

Vasiliy Gualoto

Developer relations at ThirdWeb

Nader Dabit

Director of developer relations at EigenLayer

Ally Haire

Developer relations at Protocol Labs

Harrison

Founder at GasliteGG

Vitto Rivabella

CPO at Cyfrin

Last updated on June 10, 2025

Thanks for checking us out

Start learning for free

Start for free

Solidity Smart Contract Developer Advanced Foundry

Section 1: Develop an ERC20 Crypto Currency

Duration: 36min

Section 2: Develop an NFTs Collection

Duration: 3h 06min

Section 3: Develop a DeFi Protocol

Duration: 5h 02min

Section 4: Cross Chain Rebase Token

Duration: 6h 02min

1. Introduction

A comprehensive masterclass to Building Cross-Chain Rebase Tokens with Foundry and Chainlink CCIP - Learn to design, implement, and deploy interest-accruing rebase tokens across chains using Foundry and Chainlink CCIP. Covers burn-and-mint logic, advanced fork testing with local CCIP simulation, and automated deployment scripts. Duration: 3min

2. What Is-a-rebase-token

An essential guide to Demystifying Rebase Tokens and Elastic Supply - Grasp how rebase tokens use an elastic supply to algorithmically alter your balance, demystifying unexpected changes in your crypto holdings. You'll explore their core mechanics, types, contrast with standard tokens, and see how Aave's aTokens work, including a peek into their smart contract logic. Duration: 2min

3. Rebase Token-code-structure

A strategic guide to Blueprinting Your Single-Chain Rebase Token - Initialize your Foundry project and establish a clean development environment for your smart contracts. Then, architect the core functionalities of a single-chain rebase token, defining its dynamic balance system and a unique, decreasing global interest rate model to incentivize early users. Duration: 9min

4. Writing The-rebase-token-contract

A conceptual guide to Writing Your First Rebase Token in Solidity - Discover how to build an ERC20-based Rebase Token in Solidity, allowing user balances to automatically grow via accrued interest. This lesson details setting up global and user-specific interest rates, overriding `balanceOf` for dynamic balance reflection, and minting new tokens as interest. Duration: 33min

5. Mintinterest And-burn-functions

A comprehensive deep-dive to Solidity Rebase Tokens: Managing Dynamic Balances and Interest - Explore how to implement `_mintAccruedInterest` to ensure accurate reflection of accrued interest in user balances before any token operations. You'll learn to build `mint` and `burn` functions for rebase tokens, incorporating `type(uint256).max` for full balance interactions and adhering to Solidity best practices. Duration: 9min

6. Finish Rebase-token-contract

An in-depth lesson to Completing Your Rebase Token Smart Contract - Finalize your custom RebaseToken by overriding OpenZeppelin ERC20 functions like `balanceOf` and `transfer` for accurate interest accrual. Explore the `totalSupply` trade-off, add new utility functions, and identify the next vital step: implementing robust access control. Duration: 16min

7. Access Control

An implementer's guide to Securing Your RebaseToken: Implementing Access Control in Solidity - Learn to fortify your `RebaseToken` by integrating OpenZeppelin's `Ownable` for simple owner control and `AccessControl` for fine-grained, role-based permissions. You'll implement `onlyOwner` and `onlyRole` modifiers, define custom roles, and manage their assignment for critical functions. Duration: 12min

8. Quiz 10 Quiz

Questions: 9

9. Vault And-natspec

A practical guide to Building a Secure Rebase Vault with Effective Solidity Practices - Learn to construct a `Vault` contract managing ETH deposits and `RebaseToken` minting/burning, with secure interactions via Solidity interfaces and the CEI pattern. This lesson also covers vital Solidity practices: correct NatSpec comments, the `receive()` ETH function, and indexed event parameters for efficient tracking. Duration: 14min

10. Rebase Token-tests-part-1

11. Rebase Token-test-part-2

A strategic guide to Bulletproofing Rebase Tokens with Advanced Foundry Fuzzing - Explore advanced Foundry fuzz testing techniques to ensure rebase token robustness, covering input optimization with `bound`, rigorous testing of interest accrual, and validation of redeem/transfer logic. Learn to effectively debug common pitfalls like truncation and overflows, and enhance security through comprehensive access control tests and `forge coverage`. Duration: 43min

12. Vulnerabilities And-cross-chain-intro

A critical review to Rebase Token Vulnerabilities and Cross-Chain Token Primer with CCIP - Dissect design flaws in `RebaseToken.sol` such as interest rate manipulation and unintended compounding. Gain an overview of cross-chain token bridging and the Chainlink Cross-Chain Interoperability Protocol (CCIP). Duration: 6min

13. Bridging

An insightful journey into Understanding Blockchain Bridges: Connecting Isolated Networks - Discover how blockchain bridges serve as vital connectors between disparate networks, learn essential bridging terminology, and understand their necessity in Web3. You'll explore the mechanics behind asset transfers like lock-and-mint, differentiate between native/third-party and centralized/decentralized bridges, and grasp key security practices. Duration: 8min

14. Quiz 11 Quiz

Questions: 7

15. CCIP

A practical guide to Unlocking Cross-Chain Communication with Chainlink CCIP - Learn to bridge blockchains using Chainlink CCIP, mastering its architecture for secure data and token transfers. You'll explore its multi-layered security, including the Risk Management Network, and send your first cross-chain message. Duration: 12min

16. The CCT Standard

An implementer's guide to Chainlink's CCT Standard & Foundry for Cross-Chain Tokens - Master Chainlink's Cross-Chain Token (CCT) Standard, enabling permissionless, developer-owned token pools with enhanced security and programmable transfers. This guide details deploying a Burn & Mint token on testnets using Foundry, from configuration to transfer. Duration: 13min

17. Circle CCTP

An essential guide to Bridging Blockchains with Circle's CCTP - Understand how Circle's Cross-Chain Transfer Protocol (CCTP) enables seamless native USDC movement between networks using its burn-and-mint process, eliminating wrapped token vulnerabilities. You'll explore its architecture, standard vs. fast transfers, and a step-by-step Ethers.js implementation. Duration: 12min

18. Quiz 12 Quiz

Questions: 8

19. Pool Contract

An in-depth walkthrough to Enabling Cross-Chain Rebase Tokens with Chainlink CCIP: A Custom Token Pool Guide - Learn to create a custom Chainlink CCIP token pool in Foundry for rebase tokens, enabling "Burn & Mint" cross-chain functionality. This guide details implementing `lockOrBurn` and `releaseOrMint` to preserve user-specific interest rates. Duration: 31min

20. Finish Pool Contract

A practical debugging walkthrough to Debugging and Finalizing Your RebaseTokenPool Contract - Resolve common Solidity compilation errors in your `RebaseTokenPool` contract and tests using `forge build`. You'll learn to fix incorrect import paths, update function argument calls, and correct the misuse of `abi.decode` for a successful compilation. Duration: 1min

21. Chainlink Local-and-fork-tests

A developer's guide to Mastering Local CCIP Testing with Foundry and Chainlink Local - Set up Foundry to manage multiple local blockchain forks like Sepolia and Arbitrum Sepolia using RPC aliases and cheatcodes such as `vm.createSelectFork` and `vm.makePersistent`. You'll then bridge these forks by deploying Chainlink Local's `CCIPLocalSimulatorFork`, enabling seamless local testing of CCIP message relay. Duration: 11min

22. Deploy Token-test

A practical primer to Deploying Your First Cross-Chain Tokens with Chainlink CCIP in Foundry - Configure your Foundry test environment to simulate Sepolia and Arbitrum Sepolia, deploying `RebaseToken` on both and a `Vault` on the source chain for Chainlink CCIP. Learn to use `vm.createFork`, `vm.selectFork`, and `vm.startPrank` for these initial cross-chain contract deployments. Duration: 4min

23. CCIP Setup-test

An indispensable primer to Setting Up Your CCIP Test Environment in Foundry - Establish your Chainlink CCIP testing grounds in Foundry by deploying key contracts like RebaseToken and TokenPools on forked Sepolia and Arbitrum Sepolia networks. This guide covers troubleshooting type errors, using `CCIPLocalSimulatorFork` to get network specifics, and configuring token permissions and pool links. Duration: 11min

24. Configure Pool-test

An essential setup guide to Activating Cross-Chain CCIP Token Transfers via Pool Configuration - Learn the critical `applyChainUpdates` process to configure Chainlink CCIP Token Pools, enabling them for cross-chain burn & mint operations. This guide shows how to implement this in Foundry, managing local/remote chain settings and `ChainUpdate` structs. Duration: 10min

25. Bridge Function-test

A comprehensive walkthrough to Building a Reusable `bridgeTokens` Test for Chainlink CCIP in Foundry - Discover how to implement a flexible `bridgeTokens` test function in Foundry for validating cross-chain token movements with Chainlink CCIP. This lesson covers `EVM2AnyMessage` creation, fee handling via `CCIPLocalSimulatorFork`, and end-to-end transfer verification. Duration: 21min

26. Quiz 26 Quiz

Questions: 5

27. First Cross-chain-test

An in-depth guide to Testing Cross-Chain Rebase Token Bridging - Master the complexities of testing cross-chain rebase token bridging between Sepolia and Arbitrum Sepolia forks using Foundry and the Chainlink CCIP Local Simulator. You'll handle intricate setup, implement `bridgeTokens`, manage CCIP fees, and simulate message routing. Duration: 11min

28. Vault Deployment-script

A practical guide to Crafting Your Foundry Deployment Script for the Vault Contract - Learn to write a `VaultDeployer.s.sol` script using Foundry, covering essential imports, the `run()` function, and deployment with `vm.startBroadcast`. This lesson shows how to deploy a `Vault` contract, grant it token mint/burn roles, and return the deployed contract instance. Duration: 4min

29. Token And-pool-deployer

A streamlined deployment guide to Automating Token and Pool Deployment for Chainlink CCIP with Foundry - Learn to craft a `Deployer.s.sol` Foundry script for deploying a custom `RebaseToken` and its `RebaseTokenPool`. You'll also automate the essential Chainlink CCIP configurations to enable Burn & Mint token transfers in a local development environment. Duration: 9min

30. Pool Config-script

An essential tutorial to Crafting the `ConfigurePool.s.sol` Script for CCIP Token Pool Configuration - Master building a Foundry script (`ConfigurePool.s.sol`) to configure deployed `TokenPool` contracts for CCIP operations. You'll learn to use `applyChainUpdates`, prepare `ChainUpdate` structs with rate limiters, and ABI-encode addresses for robust cross-chain setup. Duration: 8min

31. Bridging Script

A comprehensive walkthrough to Crafting a Foundry Script for CCIP Token Bridging - Learn to create the `BridgeTokens.s.sol` script for sending ERC20 tokens cross-chain via Chainlink CCIP without data payloads. This guide details constructing the `EVM2AnyMessage`, handling fees, approving tokens, and executing `ccipSend`. Duration: 13min

32. Build Scripts

An in-depth walkthrough to Mastering Cross-Chain Foundry Deployments and `via_ir` Test Stability - Prepare your smart contracts for cross-chain deployment across testnets like Sepolia and zkSync, focusing on successful compilation and secure RPC setup. Dive into resolving the `via_ir` and `vm.warp()` testing conflict in Foundry to ensure your CI pipelines run smoothly with robust tests. Duration: 4min

33. Run Scripts-on-testnet

A step-by-step deployment guide to Deploying Your Cross-Chain Application to Testnets - Deploy contracts to Ethereum Sepolia & ZKsync Sepolia testnets, covering testnet LINK acquisition and using bash scripts (`forge create`/`cast send`) for ZKsync due to Foundry script limitations. Configure your environment with `.env` and Foundry keystore, troubleshoot deployments, and verify cross-chain CCIP transactions. Duration: 15min

34. Cross Chain-message-sucess

A detailed breakdown to Mastering Cross-Chain Token Transfers: A CCIP Case Study with Rebase Tokens (RBT) - Get a detailed breakdown of verifying a Rebase Token (RBT) cross-chain transfer via Chainlink CCIP from Ethereum Sepolia to ZKsync Sepolia. Master using the CCIP Explorer to interpret transaction details and confirm token receipt in Metamask on the ZKsync Sepolia network. Duration: 3min

35. Outro

An architectural review of Mastering Cross-Chain Rebase Tokens: A Comprehensive Recap - Revisit the complete architecture of a cross-chain rebase token, including `RebaseToken` mechanics, `Vault` interactions, and CCIP integration. Discover how Foundry scripts automate deployment and testing, culminating in a live cross-chain transaction. Duration: 3min

36. Quiz 13 Quiz