Support

## Crafting Your Foundry Deployment Script for the Vault Contract This lesson guides you through creating a deployer script using Foundry for a Solidity project, focusing on the deployment of a `Vault` contract. We'll cover setting up the script, structuring your deployment logic, and implementing the necessary functions to deploy the `Vault` and configure its initial permissions. ### Project Setup and Initial File Creation The first step in automating your contract deployment is to create a dedicated script file within your Foundry project. 1. **Create the Deployer Script File:** Navigate to the `script` directory of your project and create a new file named `Deployer.s.sol`. The `.s.sol` extension is crucial as it signals to Foundry that this file contains deployment or interaction scripts. ``` // Project structure excerpt: // script/ // Deployer.s.sol (newly created) ``` 2. **Basic Solidity Boilerplate:** Begin your `Deployer.s.sol` file with standard Solidity boilerplate: * **SPDX License Identifier:** Specify the license under which your code is released. ```solidity // SPDX-License-Identifier: MIT ``` * **Pragma Solidity:** Define the Solidity compiler version(s) compatible with your script. ```solidity pragma solidity ^0.8.24; ``` ### Purpose and Scope of the Deployer Script This deployer script is designed to handle several key deployment tasks within our project: 1. Deploy a `RebaseToken` contract. 2. Deploy a `RebaseTokenPool` contract. 3. Deploy a `Vault` contract. 4. Configure all necessary permissions for Cross-Chain Interoperability Protocol (CCIP) integration. While this lesson focuses primarily on the `Vault` deployment, understanding the broader scope helps in structuring the script effectively. ### Importing Foundry's Core `Script` Contract To utilize Foundry's powerful scripting features, such as cheatcodes for broadcasting transactions and managing contract state during deployment, you need to import the base `Script` contract from the `forge-std` library. ```solidity import {Script} from "forge-std/Script.sol"; ``` By inheriting from `Script`, your deployer contracts gain access to a rich set of tools provided by Foundry. ### Structuring Deployer Contracts for Targeted Deployment For this project, we'll define two separate deployer contracts within our `Deployer.s.sol` file to manage distinct deployment requirements: 1. **`TokenAndPoolDeployer`:** This contract will be responsible for deploying the `RebaseToken` and `RebaseTokenPool` contracts. Its implementation will be covered separately. ```solidity contract TokenAndPoolDeployer is Script { // Implementation for RebaseToken and RebaseTokenPool deployment will be added here. } ``` 2. **`VaultDeployer`:** This contract will specifically handle the deployment of the `Vault` contract. ```solidity contract VaultDeployer is Script { // Implementation for Vault deployment will be detailed below. } ``` **Rationale for Separation:** This separation is strategic due to the differing deployment needs of the contracts: * The **`Vault` contract** is intended for deployment *only on the source chain*. This is because core functionalities like deposits and redemptions are restricted to the source chain environment. * The **`RebaseToken` and `RebaseTokenPool` contracts**, on the other hand, need to be deployed on *both the source and destination chains* to facilitate cross-chain operations. By splitting the deployment logic, we can execute each deployer script selectively on the appropriate chains. ### Implementing the `VaultDeployer` Contract Let's focus on implementing the `VaultDeployer` contract, which is a more straightforward starting point. 1. **Importing Necessary Contracts and Interfaces:** To deploy the `Vault` and interact with its dependencies, we need to import the relevant contract definitions and interfaces: * The `Vault` contract itself, typically located in your project's `src` directory. *Note: The exact path (`../src/Vault.sol`) might vary based on your project's directory structure.* ```solidity import {Vault} from "../src/Vault.sol"; ``` * The `IRebaseToken` interface. The `Vault` constructor requires an address conforming to this interface. ```solidity import {IRebaseToken} from "../src/interfaces/IRebaseToken.sol"; ``` 2. **Defining the `run` Function:** The `run()` function is the main entry point for a Foundry script. Foundry executes this function when you invoke the script. * It will take the address of the already deployed `_rebaseToken` as an argument, as the `Vault`'s constructor depends on it. ```solidity // Context from Vault.sol's constructor: // constructor(IRebaseToken _rebaseToken) { // i_rebaseToken = _rebaseToken; // } ``` * Initially, we define it without a return type, which we'll refine later. ```solidity function run(address _rebaseToken) public { // Deployment logic will go here. } ``` 3. **Using Foundry Cheatcodes for Deployment:** Foundry provides "cheatcodes" (accessible via the `vm` instance inherited from `Script`) to interact with the blockchain environment during script execution. * `vm.startBroadcast();`: This crucial cheatcode tells Foundry to start broadcasting all subsequent state-changing calls (like contract deployments or function calls that modify state) as actual transactions to the specified network. * `vm.stopBroadcast();`: This signals Foundry to stop broadcasting transactions. All deployments and state changes should occur between these two calls. 4. **Deploying the `Vault` Contract:** Inside the `run` function, between `vm.startBroadcast()` and `vm.stopBroadcast()`, use the `new` keyword to deploy an instance of the `Vault` contract. Pass the `_rebaseToken` address, appropriately cast to the `IRebaseToken` type, to its constructor. ```solidity vm.startBroadcast(); Vault vault = new Vault(IRebaseToken(_rebaseToken)); // Permissions granting logic will follow here. vm.stopBroadcast(); ``` 5. **Granting Mint and Burn Role to the Vault:** After deploying the `Vault`, it typically needs specific permissions on other contracts. In this case, the `Vault` requires the ability to mint and burn `RebaseToken`s. This is achieved by calling a `grantMintAndBurnRole` function on the `rebaseToken` contract instance, passing the address of the newly deployed `vault`. ```solidity // Inside the run function, after vault deployment and before vm.stopBroadcast(): IRebaseToken(_rebaseToken).grantMintAndBurnRole(address(vault)); ``` * **Interface Update for `grantMintAndBurnRole`:** You might encounter a linter or compiler error if the `grantMintAndBurnRole` function is not defined in your `IRebaseToken` interface. To resolve this, navigate to your `src/interfaces/IRebaseToken.sol` file (or wherever it's defined) and add the function signature: ```solidity // In IRebaseToken.sol interface IRebaseToken { // ... other function signatures function grantMintAndBurnRole(address _account) external; } ``` This update ensures that your script can correctly call the function on an `IRebaseToken` instance. * **Tip for Lingering Linter Errors:** Sometimes, Solidity linters in IDEs might not immediately pick up changes in imported files. If an error persists after you've correctly updated an interface, try cutting and pasting the problematic line of code back into your script; this can often force the linter to re-evaluate. 6. **Returning the Deployed Vault Instance:** To make the address (and instance) of the deployed `Vault` contract easily accessible to other scripts or for verification after the script runs, modify the `run` function to return the `Vault` instance. * Foundry scripts offer a convenient feature: they can implicitly return the last assigned variable if the `returns` clause of the function matches its type and name. * Update the `run` function signature to declare `Vault vault` as a return variable. * Remove the `Vault` type declaration for the `vault` variable inside the function body, as it's now declared in the `returns` clause and will be assigned directly. The final `VaultDeployer` contract with the `run` function looks like this: ```solidity contract VaultDeployer is Script { // Imports for Vault and IRebaseToken should be above this contract definition function run(address _rebaseToken) public returns (Vault vault) { vm.startBroadcast(); vault = new Vault(IRebaseToken(_rebaseToken)); // 'vault' is now assigned to the return variable IRebaseToken(_rebaseToken).grantMintAndBurnRole(address(vault)); vm.stopBroadcast(); // Foundry implicitly returns the 'vault' instance here } } ``` ### Summary of the `VaultDeployer` Script At this stage, your `VaultDeployer` script is configured to perform the following actions: 1. Accept the address of a pre-deployed `RebaseToken` contract as an input parameter. 2. Deploy a new instance of the `Vault` contract, correctly initializing it by passing the `RebaseToken` address to its constructor. 3. Grant the newly deployed `Vault` contract the necessary `MintAndBurnRole` on the provided `RebaseToken` contract. 4. Return the instance of the successfully deployed `Vault` contract, making its address and methods available for subsequent operations or verification. This segment has demonstrated a foundational approach to creating a targeted deployment script in Foundry, encompassing constructor argument handling, interaction with contract interfaces, essential permission management, and leveraging Foundry's implicit return capabilities for deployed contract instances.

Vault Deployment-script

A practical guide to Crafting Your Foundry Deployment Script for the Vault Contract - Learn to write a `VaultDeployer.s.sol` script using Foundry, covering essential imports, the `run()` function, and deployment with `vm.startBroadcast`. This lesson shows how to deploy a `Vault` contract, grant it token mint/burn roles, and return the deployed contract instance.

Course Overview

About the course

What you'll learn

Advanced smart contract development

How to develop a stablecoin

How to develop a DeFi protocol

How to develop a DAO

Advanced smart contracts testing

Fuzz testing

Manual verification

Course Description

Who is this course for?

Engineers
Smart Contract Security researchers

Potential Careers

Web3 Developer Relations

$85,000 - $125,000 (avg. salary)

Web3 developer

$60,000 - $150,000 (avg. salary)

Smart Contract Engineer

$100,000 - $150,000 (avg. salary)

Smart Contract Auditor

$100,000 - $200,000 (avg. salary)

Security researcher

$49,999 - $120,000 (avg. salary)

Meet your instructors

Patrick Collins

Founder at Cyfrin

Web3 engineer, educator, and Cyfrin co-founder. Patrick's smart contract development and security courses have helped hundreds of thousands of engineers kickstarting their careers into web3.

Ciara Nightingale

Developer relations at Cyfrin

Guest lecturers:

Juliette Chevalier

Lead Developer relations at Aragon

Vasiliy Gualoto

Developer relations at ThirdWeb

Nader Dabit

Director of developer relations at EigenLayer

Ally Haire

Developer relations at Protocol Labs

Harrison

Founder at GasliteGG

Vitto Rivabella

CPO at Cyfrin

Last updated on June 10, 2025

Thanks for checking us out

Start learning for free

Start for free

Solidity Smart Contract Developer Advanced Foundry

Section 1: Develop an ERC20 Crypto Currency

Duration: 36min

Section 2: Develop an NFTs Collection

Duration: 3h 06min

Section 3: Develop a DeFi Protocol

Duration: 5h 02min

Section 4: Cross Chain Rebase Token

Duration: 6h 02min

1. Introduction

A comprehensive masterclass to Building Cross-Chain Rebase Tokens with Foundry and Chainlink CCIP - Learn to design, implement, and deploy interest-accruing rebase tokens across chains using Foundry and Chainlink CCIP. Covers burn-and-mint logic, advanced fork testing with local CCIP simulation, and automated deployment scripts. Duration: 3min

2. What Is-a-rebase-token

An essential guide to Demystifying Rebase Tokens and Elastic Supply - Grasp how rebase tokens use an elastic supply to algorithmically alter your balance, demystifying unexpected changes in your crypto holdings. You'll explore their core mechanics, types, contrast with standard tokens, and see how Aave's aTokens work, including a peek into their smart contract logic. Duration: 2min

3. Rebase Token-code-structure

A strategic guide to Blueprinting Your Single-Chain Rebase Token - Initialize your Foundry project and establish a clean development environment for your smart contracts. Then, architect the core functionalities of a single-chain rebase token, defining its dynamic balance system and a unique, decreasing global interest rate model to incentivize early users. Duration: 9min

4. Writing The-rebase-token-contract

A conceptual guide to Writing Your First Rebase Token in Solidity - Discover how to build an ERC20-based Rebase Token in Solidity, allowing user balances to automatically grow via accrued interest. This lesson details setting up global and user-specific interest rates, overriding `balanceOf` for dynamic balance reflection, and minting new tokens as interest. Duration: 33min

5. Mintinterest And-burn-functions

A comprehensive deep-dive to Solidity Rebase Tokens: Managing Dynamic Balances and Interest - Explore how to implement `_mintAccruedInterest` to ensure accurate reflection of accrued interest in user balances before any token operations. You'll learn to build `mint` and `burn` functions for rebase tokens, incorporating `type(uint256).max` for full balance interactions and adhering to Solidity best practices. Duration: 9min

6. Finish Rebase-token-contract

An in-depth lesson to Completing Your Rebase Token Smart Contract - Finalize your custom RebaseToken by overriding OpenZeppelin ERC20 functions like `balanceOf` and `transfer` for accurate interest accrual. Explore the `totalSupply` trade-off, add new utility functions, and identify the next vital step: implementing robust access control. Duration: 16min

7. Access Control

An implementer's guide to Securing Your RebaseToken: Implementing Access Control in Solidity - Learn to fortify your `RebaseToken` by integrating OpenZeppelin's `Ownable` for simple owner control and `AccessControl` for fine-grained, role-based permissions. You'll implement `onlyOwner` and `onlyRole` modifiers, define custom roles, and manage their assignment for critical functions. Duration: 12min

8. Quiz 10 Quiz

Questions: 9

9. Vault And-natspec

A practical guide to Building a Secure Rebase Vault with Effective Solidity Practices - Learn to construct a `Vault` contract managing ETH deposits and `RebaseToken` minting/burning, with secure interactions via Solidity interfaces and the CEI pattern. This lesson also covers vital Solidity practices: correct NatSpec comments, the `receive()` ETH function, and indexed event parameters for efficient tracking. Duration: 14min

10. Rebase Token-tests-part-1

A practical walkthrough to Foundry Test Environment Setup for Rebase Tokens - Configure your Foundry test environment to test `RebaseToken` and `Vault` contracts, focusing on the `setup` function for deployments, type casting, and role assignments using `vm.prank`. You'll also begin writing a fuzz test for linear interest, utilizing `bound` for inputs and `vm.deal` for user balances. Duration: 11min

11. Rebase Token-test-part-2

A strategic guide to Bulletproofing Rebase Tokens with Advanced Foundry Fuzzing - Explore advanced Foundry fuzz testing techniques to ensure rebase token robustness, covering input optimization with `bound`, rigorous testing of interest accrual, and validation of redeem/transfer logic. Learn to effectively debug common pitfalls like truncation and overflows, and enhance security through comprehensive access control tests and `forge coverage`. Duration: 43min

12. Vulnerabilities And-cross-chain-intro

A critical review to Rebase Token Vulnerabilities and Cross-Chain Token Primer with CCIP - Dissect design flaws in `RebaseToken.sol` such as interest rate manipulation and unintended compounding. Gain an overview of cross-chain token bridging and the Chainlink Cross-Chain Interoperability Protocol (CCIP). Duration: 6min

13. Bridging

An insightful journey into Understanding Blockchain Bridges: Connecting Isolated Networks - Discover how blockchain bridges serve as vital connectors between disparate networks, learn essential bridging terminology, and understand their necessity in Web3. You'll explore the mechanics behind asset transfers like lock-and-mint, differentiate between native/third-party and centralized/decentralized bridges, and grasp key security practices. Duration: 8min

14. Quiz 11 Quiz

Questions: 7

15. CCIP

A practical guide to Unlocking Cross-Chain Communication with Chainlink CCIP - Learn to bridge blockchains using Chainlink CCIP, mastering its architecture for secure data and token transfers. You'll explore its multi-layered security, including the Risk Management Network, and send your first cross-chain message. Duration: 12min

16. The CCT Standard

An implementer's guide to Chainlink's CCT Standard & Foundry for Cross-Chain Tokens - Master Chainlink's Cross-Chain Token (CCT) Standard, enabling permissionless, developer-owned token pools with enhanced security and programmable transfers. This guide details deploying a Burn & Mint token on testnets using Foundry, from configuration to transfer. Duration: 13min

17. Circle CCTP

An essential guide to Bridging Blockchains with Circle's CCTP - Understand how Circle's Cross-Chain Transfer Protocol (CCTP) enables seamless native USDC movement between networks using its burn-and-mint process, eliminating wrapped token vulnerabilities. You'll explore its architecture, standard vs. fast transfers, and a step-by-step Ethers.js implementation. Duration: 12min

18. Quiz 12 Quiz

Questions: 8

19. Pool Contract

An in-depth walkthrough to Enabling Cross-Chain Rebase Tokens with Chainlink CCIP: A Custom Token Pool Guide - Learn to create a custom Chainlink CCIP token pool in Foundry for rebase tokens, enabling "Burn & Mint" cross-chain functionality. This guide details implementing `lockOrBurn` and `releaseOrMint` to preserve user-specific interest rates. Duration: 31min

20. Finish Pool Contract

A practical debugging walkthrough to Debugging and Finalizing Your RebaseTokenPool Contract - Resolve common Solidity compilation errors in your `RebaseTokenPool` contract and tests using `forge build`. You'll learn to fix incorrect import paths, update function argument calls, and correct the misuse of `abi.decode` for a successful compilation. Duration: 1min

21. Chainlink Local-and-fork-tests

A developer's guide to Mastering Local CCIP Testing with Foundry and Chainlink Local - Set up Foundry to manage multiple local blockchain forks like Sepolia and Arbitrum Sepolia using RPC aliases and cheatcodes such as `vm.createSelectFork` and `vm.makePersistent`. You'll then bridge these forks by deploying Chainlink Local's `CCIPLocalSimulatorFork`, enabling seamless local testing of CCIP message relay. Duration: 11min

22. Deploy Token-test

A practical primer to Deploying Your First Cross-Chain Tokens with Chainlink CCIP in Foundry - Configure your Foundry test environment to simulate Sepolia and Arbitrum Sepolia, deploying `RebaseToken` on both and a `Vault` on the source chain for Chainlink CCIP. Learn to use `vm.createFork`, `vm.selectFork`, and `vm.startPrank` for these initial cross-chain contract deployments. Duration: 4min

23. CCIP Setup-test

An indispensable primer to Setting Up Your CCIP Test Environment in Foundry - Establish your Chainlink CCIP testing grounds in Foundry by deploying key contracts like RebaseToken and TokenPools on forked Sepolia and Arbitrum Sepolia networks. This guide covers troubleshooting type errors, using `CCIPLocalSimulatorFork` to get network specifics, and configuring token permissions and pool links. Duration: 11min

24. Configure Pool-test

An essential setup guide to Activating Cross-Chain CCIP Token Transfers via Pool Configuration - Learn the critical `applyChainUpdates` process to configure Chainlink CCIP Token Pools, enabling them for cross-chain burn & mint operations. This guide shows how to implement this in Foundry, managing local/remote chain settings and `ChainUpdate` structs. Duration: 10min

25. Bridge Function-test

A comprehensive walkthrough to Building a Reusable `bridgeTokens` Test for Chainlink CCIP in Foundry - Discover how to implement a flexible `bridgeTokens` test function in Foundry for validating cross-chain token movements with Chainlink CCIP. This lesson covers `EVM2AnyMessage` creation, fee handling via `CCIPLocalSimulatorFork`, and end-to-end transfer verification. Duration: 21min

26. Quiz 26 Quiz

Questions: 5

27. First Cross-chain-test

An in-depth guide to Testing Cross-Chain Rebase Token Bridging - Master the complexities of testing cross-chain rebase token bridging between Sepolia and Arbitrum Sepolia forks using Foundry and the Chainlink CCIP Local Simulator. You'll handle intricate setup, implement `bridgeTokens`, manage CCIP fees, and simulate message routing. Duration: 11min

28. Vault Deployment-script

29. Token And-pool-deployer

A streamlined deployment guide to Automating Token and Pool Deployment for Chainlink CCIP with Foundry - Learn to craft a `Deployer.s.sol` Foundry script for deploying a custom `RebaseToken` and its `RebaseTokenPool`. You'll also automate the essential Chainlink CCIP configurations to enable Burn & Mint token transfers in a local development environment. Duration: 9min

30. Pool Config-script

An essential tutorial to Crafting the `ConfigurePool.s.sol` Script for CCIP Token Pool Configuration - Master building a Foundry script (`ConfigurePool.s.sol`) to configure deployed `TokenPool` contracts for CCIP operations. You'll learn to use `applyChainUpdates`, prepare `ChainUpdate` structs with rate limiters, and ABI-encode addresses for robust cross-chain setup. Duration: 8min

31. Bridging Script

A comprehensive walkthrough to Crafting a Foundry Script for CCIP Token Bridging - Learn to create the `BridgeTokens.s.sol` script for sending ERC20 tokens cross-chain via Chainlink CCIP without data payloads. This guide details constructing the `EVM2AnyMessage`, handling fees, approving tokens, and executing `ccipSend`. Duration: 13min

32. Build Scripts

An in-depth walkthrough to Mastering Cross-Chain Foundry Deployments and `via_ir` Test Stability - Prepare your smart contracts for cross-chain deployment across testnets like Sepolia and zkSync, focusing on successful compilation and secure RPC setup. Dive into resolving the `via_ir` and `vm.warp()` testing conflict in Foundry to ensure your CI pipelines run smoothly with robust tests. Duration: 4min

33. Run Scripts-on-testnet

A step-by-step deployment guide to Deploying Your Cross-Chain Application to Testnets - Deploy contracts to Ethereum Sepolia & ZKsync Sepolia testnets, covering testnet LINK acquisition and using bash scripts (`forge create`/`cast send`) for ZKsync due to Foundry script limitations. Configure your environment with `.env` and Foundry keystore, troubleshoot deployments, and verify cross-chain CCIP transactions. Duration: 15min

34. Cross Chain-message-sucess

A detailed breakdown to Mastering Cross-Chain Token Transfers: A CCIP Case Study with Rebase Tokens (RBT) - Get a detailed breakdown of verifying a Rebase Token (RBT) cross-chain transfer via Chainlink CCIP from Ethereum Sepolia to ZKsync Sepolia. Master using the CCIP Explorer to interpret transaction details and confirm token receipt in Metamask on the ZKsync Sepolia network. Duration: 3min

35. Outro

An architectural review of Mastering Cross-Chain Rebase Tokens: A Comprehensive Recap - Revisit the complete architecture of a cross-chain rebase token, including `RebaseToken` mechanics, `Vault` interactions, and CCIP integration. Discover how Foundry scripts automate deployment and testing, culminating in a live cross-chain transaction. Duration: 3min

36. Quiz 13 Quiz