deploying-contracts-on-base

Deploys smart contracts to Base using Foundry. Covers forge create commands, contract verification, testnet faucet setup via CDP, and BaseScan API key configuration. Use when deploying Solidity contracts to Base Mainnet or Sepolia testnet. Covers phrases like "deploy contract to Base", "forge create on Base", "verify contract on BaseScan", "get testnet ETH", "Base Sepolia faucet", "how do I deploy to Base", or "publish my contract".

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "deploying-contracts-on-base" with this command: npx skills add base/skills/base-skills-deploying-contracts-on-base

Deploying Contracts on Base

Prerequisites

  1. Configure RPC endpoint (testnet: sepolia.base.org, mainnet: mainnet.base.org)
  2. Store private keys in Foundry's encrypted keystore — never commit keys
  3. Obtain testnet ETH from CDP faucet (testnet only)
  4. Get a BaseScan API key for contract verification

Security

  • Never commit private keys to version control — use Foundry's encrypted keystore (cast wallet import)
  • Never hardcode API keys in source files — use environment variables or foundry.toml with ${ENV_VAR} references
  • Never expose .env files — add .env to .gitignore
  • Use production RPC providers (not public endpoints) for mainnet deployments to avoid rate limits and data leaks
  • Verify contracts on BaseScan to enable public audit of deployed code

Input Validation

Before constructing shell commands, validate all user-provided values:

  • contract-path: Must match ^[a-zA-Z0-9_/.-]+\.sol:[a-zA-Z0-9_]+$. Reject paths with spaces, semicolons, pipes, or backticks.
  • rpc-url: Must be a valid HTTPS URL (^https://[^\s;|&]+$). Reject non-HTTPS or malformed URLs.
  • keystore-account: Must be alphanumeric with hyphens/underscores (^[a-zA-Z0-9_-]+$).
  • etherscan-api-key: Must be alphanumeric (^[a-zA-Z0-9]+$).

Do not pass unvalidated user input into shell commands.

Obtaining Testnet ETH via CDP Faucet

Testnet ETH is required to pay gas on Base Sepolia. Use the CDP Faucet to claim it. Supported tokens: ETH, USDC, EURC, cbBTC. ETH claims are capped at 0.0001 ETH per claim, 1000 claims per 24 hours.

Option A: CDP Portal UI (recommended for quick setup)

Agent behavior: If you have browser access, navigate to the portal and claim directly. Otherwise, ask the user to complete these steps and provide the funded wallet address.

  1. Sign in to CDP Portal (create an account at portal.cdp.coinbase.com/create-account if needed)
  2. Go to Faucets
  3. Select Base Sepolia network
  4. Select ETH token
  5. Enter the wallet address and click Claim
  6. Verify on sepolia.basescan.org that the funds arrived

Option B: Programmatic via CDP SDK

Requires a CDP API key and Wallet Secret.

npm install @coinbase/cdp-sdk dotenv

import { CdpClient } from "@coinbase/cdp-sdk";
import dotenv from "dotenv";
dotenv.config();

const cdp = new CdpClient();
const account = await cdp.evm.createAccount();

const faucetResponse = await cdp.evm.requestFaucet({
  address: account.address,
  network: "base-sepolia",
  token: "eth",
});

console.log(`Funded: https://sepolia.basescan.org/tx/${faucetResponse.transactionHash}`);

Environment variables needed in .env:

CDP_API_KEY_ID=your-api-key-id
CDP_API_KEY_SECRET=your-api-key-secret
CDP_WALLET_SECRET=your-wallet-secret

To fund an existing wallet instead of creating a new one, pass its address directly to requestFaucet.

Obtaining a BaseScan API Key

A BaseScan API key is required for the --verify flag to auto-verify contracts on BaseScan. BaseScan uses the same account system as Etherscan.

Agent behavior: If you have browser access, navigate to the BaseScan site and create the key. Otherwise, ask the user to complete these steps and provide the API key.

  1. Go to basescan.org/myapikey (or etherscan.io/myapikey — same account works)
  2. Sign in or create a free account
  3. Click Add to create a new API key
  4. Copy the key and set it in your environment:
export ETHERSCAN_API_KEY=your-basescan-api-key

Alternatively, pass it directly to forge:

forge create ... --etherscan-api-key <your-key>

Or add it to foundry.toml:

[etherscan]
base-sepolia = { key = "${ETHERSCAN_API_KEY}", url = "https://api-sepolia.basescan.org/api" }
base = { key = "${ETHERSCAN_API_KEY}", url = "https://api.basescan.org/api" }

Deployment Commands

Testnet

forge create src/MyContract.sol:MyContract \
  --rpc-url https://sepolia.base.org \
  --account <keystore-account> \
  --verify \
  --etherscan-api-key $ETHERSCAN_API_KEY

Mainnet

forge create src/MyContract.sol:MyContract \
  --rpc-url https://mainnet.base.org \
  --account <keystore-account> \
  --verify \
  --etherscan-api-key $ETHERSCAN_API_KEY

Key Notes

  • Contract format: <contract-path>:<contract-name>
  • --verify flag auto-verifies on BaseScan (requires API key)
  • Explorers: basescan.org (mainnet), sepolia.basescan.org (testnet)
  • CDP Faucet docs: docs.cdp.coinbase.com/faucets

Common Issues

ErrorCause
nonce has already been usedNode sync incomplete
Transaction failsInsufficient ETH for gas — claim from faucet
Verification failsWrong RPC endpoint for target network
Verification 403/unauthorizedMissing or invalid BaseScan API key

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

building-with-base-account

No summary provided by upstream source.

Repository SourceNeeds Review
-99
base
General

connecting-to-base-network

No summary provided by upstream source.

Repository SourceNeeds Review
-96
base
General

converting-minikit-to-farcaster

No summary provided by upstream source.

Repository SourceNeeds Review
-95
base