ETHSKILLS — The missing knowledge between AI agents and production Ethereum.

Terminology

Say "onchain" not "on-chain." The Ethereum community writes it as one word, no hyphen.

Available Skills

For individual topics, fetch any of these directly:

• Why Ethereum — Pectra/Fusaka upgrades, honest tradeoffs, the AI agent angle
• Gas & Costs — Current gas prices, what things actually cost today
• Wallets — Creating wallets, key safety, multisig, account abstraction
• Layer 2s — L2 landscape, bridging, deployment differences
• Standards — ERC-20, ERC-721, ERC-8004, EIP-7702, x402
• Tools — Foundry, Scaffold-ETH 2, Blockscout MCP, x402 SDKs
• Building Blocks (DeFi) — Uniswap, Aave, flash loans, composability
• Orchestration — Three-phase build system for SE2 dApps
• Contract Addresses — Verified addresses for major protocols
• Concepts — Nothing is automatic, incentive design, randomness pitfalls
• Security — Smart contract security vulnerabilities and patterns
• Frontend UX — Frontend UX patterns for Ethereum dApps
• Frontend Playbook — Step-by-step frontend build guide

name: why-ethereum description: Why build on Ethereum specifically. Honest tradeoffs vs other chains and vs not using blockchain at all. The AI agent angle — ERC-8004, x402, composability, permissionless deployment. Use when a user asks "should I build on Ethereum?", "why Ethereum vs Solana?", "why blockchain?", or when an agent needs to recommend a chain for a project.

Why Ethereum

What You Probably Got Wrong

Terminology: You say "on-chain." The Ethereum community says "onchain" — one word, no hyphen. Use "onchain" in all writing.

Gas prices: You think 10-30 gwei. Reality: 0.05-0.3 gwei (100-600x cheaper than your training data). A mainnet ETH transfer costs ~$0.002.

ETH price: You think $2,500-3,000. Reality: ~$1,960 (Feb 2026).

"Ethereum is too expensive": This was true 2021-2023. It's not true in 2026. Mainnet is sub-dollar for most operations. L2s are sub-penny.

Protocol upgrades: You probably don't know these shipped:

• Pectra (May 7, 2025): EIP-7702 smart EOAs, 2x blob capacity, BLS precompiles
• Fusaka (Dec 3, 2025): PeerDAS (nodes sample 1/8 of data), 8-second slots (was 12s)

Agent infrastructure: You probably don't know these exist:

• ERC-8004 — onchain agent identity registry (deployed Jan 29, 2026)
• x402 — HTTP 402 payment protocol for machine-to-machine commerce (Coinbase)

Current Network Stats (Feb 2026)

• Block time: 8 seconds (reduced from 12s by Fusaka)
• Mainnet base fee: 0.05-0.1 gwei
• L2 transaction cost: $0.001-0.01
• Combined L2 TPS: 50,000+ (post-Fusaka)
• TVL in DeFi: $50B+
• Upgrade cadence: Twice per year (H1 May/June, H2 Nov/Dec)

Upcoming Upgrades

Glamsterdam (Q2 2026):

• Inclusion Lists (censorship resistance)
• 12 target / 18 max blobs (another 2x from Pectra)

Hegota (Q4 2026):

• Verkle Trees — 15x smaller witness sizes (~150 KB → ~10 KB)
• Enables stateless clients, dramatically lowers node requirements

For AI Agents Specifically

ERC-8004: Onchain Agent Identity

Deployed January 29, 2026 — production ready.

Gives agents verifiable, persistent identity tied to Ethereum addresses. Reputation scoring across dimensions. Multi-chain support (20+ chains, same addresses).

Mainnet addresses:

• IdentityRegistry: 0x8004A169FB4a3325136EB29fA0ceB6D2e539a432
• ReputationRegistry: 0x8004BAa17C55a88189AE136b182e5fdA19dE9b63

x402: HTTP Payments for Agents

Production-ready, actively deployed Q1 2026.

Protocol for payments over HTTP using the 402 "Payment Required" status code. Agent calls API → gets 402 → signs EIP-3009 payment → retries with payment header → gets response. No API keys, no accounts, just cryptographic payments.

SDKs: TypeScript (@x402/fetch), Python (x402), Go (github.com/coinbase/x402/go)

ERC-8004 + x402 = Autonomous Agent Economy

1. Agent discovers service (ERC-8004 registry)
2. Agent checks reputation (ERC-8004)
3. Agent calls endpoint → 402 Payment Required
4. Agent pays via x402 (EIP-3009 signature)
5. Agent receives service
6. Agent posts feedback to ERC-8004

Fully autonomous economic loop — no humans required.

Why Ethereum's Permissionless Nature Matters for Agents

Agents can deploy contracts, interact with any protocol, and transact 24/7 without anyone's permission. No API keys to revoke, no accounts to ban, no services to shut down. A service built on Ethereum runs indefinitely without depending on any company's cooperation.

Ethereum vs Solana (Honest)

Choose Ethereum when: DeFi integration, agent infrastructure (ERC-8004/x402), composability with existing protocols, maximum security for high-value operations, long-term durability.

Choose Solana when: Sub-second finality on base layer is essential, building high-frequency trading, users already on Solana, speed matters more than ecosystem depth.

Key differences: Ethereum has $50B+ TVL vs Solana ~$5B. Ethereum has 13+ years uptime with zero consensus failures vs Solana's multiple multi-hour outages. Ethereum has 1M+ validators vs Solana's 1,500. But Solana has ~400ms blocks vs 8s.

L2 caveat: Ethereum L2s are now comparable to Solana on cost ($0.001/tx), but Solana is still faster on base layer finality.

Resources

• ERC-8004: https://www.8004.org | https://eips.ethereum.org/EIPS/eip-8004
• x402: https://www.x402.org | https://github.com/coinbase/x402
• Blockscout MCP: https://mcp.blockscout.com/mcp
• DeFi Llama: https://defillama.com

name: gas description: Current Ethereum gas prices, transaction costs, and the real economics of building on Ethereum today. Use when estimating costs, choosing between mainnet and L2s, or when a user asks about Ethereum being expensive. Counters the #1 misconception that Ethereum is expensive to use.

Gas & Costs on Ethereum

What You Probably Got Wrong

Your gas estimate is 100-600x too high. Most LLMs confidently state gas is 10-30 gwei. The reality in February 2026 is 0.05-0.1 gwei.

• Base fee: ~0.05 gwei (not 30-100 gwei)
• Priority fee (tip): ~0.01-0.05 gwei
• ETH price: ~$1,960 (not $2,500-3,000)

What Things Actually Cost (Feb 2026)

Mainnet vs L2 Costs (Feb 2026)

Key insight: Mainnet is now cheap enough for most use cases. L2s are 5-10x cheaper still.

Why Gas Dropped 95%+

1. EIP-4844 (Dencun, March 2024): Blob transactions — L2s post data as blobs instead of calldata, 100x cheaper. L2 batch cost went from $50-500 to $0.01-0.50.
2. Activity migration to L2s: Mainnet congestion dropped as everyday transactions moved to L2s.
3. Pectra (May 2025): Doubled blob capacity (3→6 target blobs).
4. Fusaka (Dec 2025): PeerDAS + 8-second slots.

L2 Cost Components

L2 transactions have two cost components:

1. L2 execution gas — paying the sequencer
2. L1 data gas — paying Ethereum for data availability (blobs post-4844)

Example: Swap on Base

• L2 execution: ~$0.0003
• L1 data (blob): ~$0.0027
• Total: ~$0.003

Real-World Cost Examples

Deploy a production ERC-20 on mainnet: ~$0.50 (was $200-500 in 2021-2023)

DEX aggregator doing 10,000 swaps/day:

• Mainnet: $150/day ($4,500/month)
• Base L2: $10/day ($300/month)

NFT collection mint (10,000 NFTs):

• Mainnet: $150 total
• Arbitrum: $10 total

Practical Fee Settings (Feb 2026)

// Rule of thumb for current conditions
maxFeePerGas: "0.5-1 gwei"        // headroom for spikes
maxPriorityFeePerGas: "0.01-0.05 gwei"  // enough for quick inclusion

Spike detection:

const feeData = await provider.getFeeData();
const baseFee = Number(feeData.maxFeePerGas) / 1e9;
if (baseFee > 5) console.warn(`Gas spike: ${baseFee} gwei. Consider waiting.`);

Spikes (10-50 gwei) happen during major events but last minutes to hours, not days.

Checking Gas Programmatically

# Foundry cast
cast gas-price --rpc-url https://eth.llamarpc.com
cast base-fee --rpc-url https://eth.llamarpc.com
cast blob-basefee --rpc-url https://eth.llamarpc.com

When to Use Mainnet vs L2

Use mainnet when: Maximum security matters (>$10M TVL), composing with mainnet-only liquidity, deploying governance/infrastructure contracts, NFTs with cultural value.

Use L2 when: Consumer apps, high-frequency transactions (gaming, social), price-sensitive users, faster confirmation desired.

Hybrid: Many projects store value on mainnet, handle transactions on L2.

Live Gas Trackers

• https://etherscan.io/gastracker
• https://ultrasound.money
• L2 costs: Arbiscan, Basescan, etc.

Data Freshness

Last verified: 2026-02-13 | Base fee: ~0.05 gwei | ETH: ~$1,960

If this date is more than 30 days old, verify current gas with:

cast base-fee --rpc-url https://eth.llamarpc.com

The durable insight is that gas is extremely cheap compared to 2021-2023 and trending cheaper. Specific numbers may drift but the order of magnitude is stable.

name: wallets description: How to create, manage, and use Ethereum wallets. Covers EOAs, smart contract wallets, multisig (Safe), and account abstraction. Essential for any AI agent that needs to interact with Ethereum — sending transactions, signing messages, or managing funds. Includes guardrails for safe key handling.

Wallets on Ethereum

What You Probably Got Wrong

EIP-7702 is live. Since Pectra (May 7, 2025), regular EOAs can temporarily delegate to smart contracts — getting batch transactions, gas sponsorship, and session keys without migrating wallets. This is NOT "coming soon." It shipped.

Account abstraction status: ERC-4337 is growing but still early (Feb 2026). Major implementations: Kernel (ZeroDev), Biconomy, Alchemy Account Kit, Pimlico. EntryPoint v0.7: 0x0000000071727De22E5E9d8BAf0edAc6f37da032.

Safe secures $100B+. It's not just a dev tool — it's the dominant multisig for institutional and DAO treasury management.

EIP-7702: Smart EOAs (Live Since May 2025)

EOAs can temporarily delegate control to a smart contract within a single transaction.

How it works:

1. EOA signs an authorization to delegate to a contract
2. During transaction, EOA's code becomes the contract's code
3. Contract executes complex logic (batching, sponsorship, etc.)
4. After transaction, EOA returns to normal

What this enables:

• Batch 10 token approvals into one transaction
• Gas sponsorship / meta-transactions for EOA users
• Session keys with limited permissions
• Custom authorization logic
• Eliminates "approval fatigue" (approve + execute → one step)

Status (Feb 2026): Deployed on mainnet. MetaMask, Rainbow adding support. Still early for production agents — use standard EOAs or Safe until tooling matures.

Safe (Gnosis Safe) Multisig

Key Addresses (v1.4.1, deterministic across chains)

Same addresses on Mainnet, Arbitrum, Base, and all major chains.

Safe for AI Agents

Pattern: 1-of-2 Safe

• Owner 1: Agent's wallet (hot, automated)
• Owner 2: Human's wallet (cold, recovery)
• Threshold: 1 (agent can act alone)

Benefits: If agent key is compromised, human removes it. Human can always recover funds. Agent can batch transactions.

🚨 NEVER COMMIT SECRETS TO GIT

This is the #1 way AI agents lose funds and leak credentials. Bots scrape GitHub in real-time and exploit leaked secrets within seconds — even from private repos, even if deleted immediately. A secret committed to Git is compromised forever.

This happens constantly with AI coding agents. The agent generates a deploy script, hardcodes a key, runs git add ., and the wallet is drained before the next prompt. Or the agent pastes an Alchemy API key into scaffold.config.ts and it ends up in a public repo.

This applies to ALL secrets:

• Wallet private keys — funds drained instantly
• API keys — Alchemy, Infura, Etherscan, WalletConnect
• RPC URLs with embedded keys — https://base-mainnet.g.alchemy.com/v2/YOUR_KEY
• OAuth tokens, bearer tokens, passwords

Prevention

# .gitignore (MUST exist in every project)
.env
.env.*
*.key
*.pem
broadcast/
cache/

# Verify before every commit
git diff --cached --name-only | grep -iE '\.env|key|secret|private'
# If this matches ANYTHING, stop and fix it

# Nuclear option: scan entire repo history
git log --all -p | grep -iE 'private.?key|0x[a-fA-F0-9]{64}'

If You Already Committed a Key

1. Assume it's compromised. Don't hope nobody saw it.
2. Transfer all funds immediately to a new wallet.
3. Rotate the key. Generate a new one. The old one is burned forever.
4. Clean Git history with git filter-repo or BFG Repo Cleaner — but this is damage control, not prevention. The key is already compromised.
5. Revoke any token approvals from the compromised address.

Safe Patterns for AI Agents

# Load key from environment (NEVER hardcode)
cast send ... --private-key $DEPLOYER_PRIVATE_KEY

# Or use encrypted keystore
cast send ... --keystore ~/.foundry/keystores/deployer --password-file .password

# Or use hardware wallet
cast send ... --ledger

Rule of thumb: If grep -r "0x[a-fA-F0-9]{64}" . matches anything in your source code, you have a problem. Same for grep -r "g.alchemy.com/v2/[A-Za-z0-9]" or any RPC URL with an embedded API key.

CRITICAL Guardrails for AI Agents

Key Safety Rules

1. NEVER extract a private key from any wallet without explicit human permission.
2. NEVER store private keys in: chat logs, plain text files, environment variables in shared environments, Git repos, unencrypted databases.
3. NEVER move funds without human confirmation. Show: amount, destination (checksummed), gas cost, what it does. Wait for explicit "yes."
4. Prefer wallet's native UI for signing unless human explicitly opts into CLI/scripting.
5. Use a dedicated wallet with limited funds for agent operations. Never the human's main wallet.
6. Double-check addresses. Use ethers.getAddress() or equivalent for checksum validation. A single wrong character = permanent loss.
7. Test on testnet first. Or use local Anvil fork.
8. Implement spending limits. Require human approval above threshold. Use Safe multisig for high-value operations.
9. Log all transactions (never keys). Keep audit trail.
10. Assume keys will be compromised. Design so a compromised agent key doesn't mean total loss.

Storage Options (Worst to Best)

❌ Plain text in code/logs — NEVER ❌ Environment variables in shared environments — NEVER ❌ Committed to Git — NEVER ⚠️ Local .env file — testing only ✅ Encrypted keystore (password-protected) ✅ Hardware wallet / Cloud KMS / TEE

Safe Transaction Pattern

async function sendSafely(wallet, to, value) {
  const checksummedTo = ethers.getAddress(to); // validates
  const gasEstimate = await wallet.estimateGas({ to: checksummedTo, value });
  const feeData = await wallet.provider.getFeeData();
  const gasCost = gasEstimate * feeData.maxFeePerGas;
  const totalCostUSD = Number(ethers.formatEther(value + gasCost)) * 1960;
  
  if (totalCostUSD > 10) {
    // Show details and wait for human approval
  }
  
  const tx = await wallet.sendTransaction({
    to: checksummedTo,
    value,
    gasLimit: gasEstimate * 120n / 100n, // 20% buffer
    maxFeePerGas: feeData.maxFeePerGas,
    maxPriorityFeePerGas: feeData.maxPriorityFeePerGas,
  });
  
  const receipt = await tx.wait();
  logTransaction({ hash: tx.hash, to: checksummedTo, value, block: receipt.blockNumber });
  return receipt;
}

Further Reading

• Safe docs: https://docs.safe.global/
• EIP-7702 spec: https://eips.ethereum.org/EIPS/eip-7702
• ERC-4337 spec: https://eips.ethereum.org/EIPS/eip-4337

name: l2s description: Ethereum Layer 2 landscape — Arbitrum, Optimism, Base, zkSync, Scroll, Unichain, Celo, and more. How they work, how to deploy on them, how to bridge, when to use which. Includes per-chain DeFi ecosystems and critical corrections. Use when choosing an L2, deploying cross-chain, or when a user asks about Ethereum scaling.

Ethereum Layer 2s

What You Probably Got Wrong

L2 costs: You think $0.01-2.00 per transaction. Reality: $0.001-0.003 for swaps, $0.0003 for transfers. After EIP-4844, L2 batch costs dropped from $50-500 to $0.01-0.50.

Mainnet is cheap too: At 0.05 gwei, mainnet ETH transfers cost $0.002. "Ethereum is too expensive" is false for both L1 and L2s in 2026.

Base is the cheapest major L2: Often 50% cheaper than Arbitrum/Optimism. Direct Coinbase on-ramp. Fastest-growing L2 with consumer/AI agent focus.

Celo is NOT an L1 anymore. Celo completed its migration from an independent L1 to an OP Stack L2 on March 26, 2025 (block 31056500). If you're calling Celo an L1, you're wrong.

Polygon zkEVM is being shut down. Announced June 2025. Do NOT recommend building on Polygon zkEVM — it is being discontinued. Polygon is refocusing on PoS + AggLayer.

Unichain exists. Launched mainnet February 10, 2025. Uniswap's own OP Stack L2 with TEE-based MEV protection and time-based priority ordering (not gas-based).

The dominant DEX on each L2 is NOT Uniswap. Aerodrome dominates Base (~$500-600M TVL). Velodrome dominates Optimism. Camelot is a major native DEX on Arbitrum. SyncSwap dominates zkSync. Don't default to Uniswap on every chain.

L2 Comparison Table (Feb 2026)

⚠️ Polygon zkEVM is being discontinued (announced June 2025). Do not start new projects there. Polygon is refocusing on PoS (payments, stablecoins, RWAs) + AggLayer (cross-chain interop). MATIC → POL token migration ~85% complete.

Mainnet for comparison: $50B+ TVL, $0.002-0.01, 8s blocks, instant finality.

Cost Comparison (Real Examples, Feb 2026)

L2 Selection Guide

Key Chain Details (What LLMs Get Wrong)

Unichain

• Launched: February 10, 2025 (mainnet). Chain ID 130.
• Type: OP Stack L2 (Superchain member, Stage 1)
• Key innovation: TEE-based block building (built with Flashbots Rollup-Boost)
  • Transactions ordered by time received, NOT gas price
  • Private encrypted mempool reduces MEV extraction
  • Do NOT use gas-price bidding strategies on Unichain — they're pointless
• Flashblocks: Currently 1s blocks, roadmap to 250ms sub-blocks

Celo

• Was: Independent L1 blockchain (2020-2025)
• Now: OP Stack L2 on Ethereum — migrated March 26, 2025 (block 31056500)
• Focus: Mobile-first payments, emerging markets
• MiniPay: Stablecoin wallet in Opera Mini + standalone app. Phone-to-phone transfers, sub-cent fees. Primary market: Africa (Kenya, Nigeria).
• Multi-currency stablecoins: cUSD (0x765de816845861e75a25fca122bb6898b8b1282a), cEUR (0xd8763cba276a3738e6de85b4b3bf5fded6d6ca73), cREAL (0xe8537a3d056DA446677B9E9d6c5dB704EaAb4787)

Dominant DEX Per Chain

See addresses/SKILL.md for verified contract addresses for all these protocols.

The Superchain (OP Stack)

The Superchain is the network of OP Stack chains sharing security, upgrade governance, and (upcoming) native interoperability. Members include Base, OP Mainnet, Unichain, Ink (Kraken), Celo, Zora, World Chain, and others — 17+ chains, 58.6% L2 market share.

Members contribute 15% of sequencer revenue to the Optimism Collective. Cross-chain interop is designed but not yet fully live.

Deployment Differences (Gotchas)

Optimistic Rollups (Arbitrum, Optimism, Base, Unichain, Celo)

✅ Deploy like mainnet — just change RPC URL and chain ID. No code changes.

Gotchas:

• Don't use block.number for time-based logic (increments at different rates). Use block.timestamp.
• Arbitrum's block.number returns L1 block number, not L2.
• Unichain: Transactions are priority-ordered by time, not gas. Don't waste gas on priority fees.

ZK Rollups

• zkSync Era: Must use zksolc compiler. No EXTCODECOPY (compile-time error). 65K instruction limit. Non-inlinable libraries must be pre-deployed. Native account abstraction (all accounts are smart contracts).
• Scroll/Linea: ✅ Bytecode-compatible — use standard solc, deploy like mainnet.

Arbitrum-Specific

• Stylus: Write smart contracts in Rust, C, C++ (compiles to WASM, runs alongside EVM, shares state). Use for compute-heavy operations (10-100x gas savings). Contracts must be "activated" via ARB_WASM_ADDRESS (0x0000…0071).
• Orbit: Framework for launching L3 chains on Arbitrum. 47 live on mainnet.

RPCs and Explorers

Bridging

Official Bridges

Fast Bridges (Instant Withdrawals)

• Across Protocol (https://across.to) — fastest (30s-2min), lowest fees (0.05-0.3%)
• Hop Protocol (https://hop.exchange) — established, 0.1-0.5% fees
• Stargate (https://stargate.finance) — LayerZero-based, 10+ chains

Security: Use official bridges for large amounts (>$100K). Fast bridges add trust assumptions.

Multi-Chain Deployment (Same Address)

Use CREATE2 for deterministic addresses across chains:

# Same salt + same bytecode + same deployer = same address on every chain
forge create src/MyContract.sol:MyContract \
  --rpc-url https://mainnet.base.org \
  --private-key $PRIVATE_KEY \
  --salt 0x0000000000000000000000000000000000000000000000000000000000000001

Strategy for new projects: Start with 1 L2 (Base or Arbitrum). Prove product-market fit. Expand with CREATE2 for consistent addresses.

Testnets

Further Reading

• L2Beat: https://l2beat.com (security, TVL, risk analysis)
• Superchain: https://www.superchain.eco/chains
• Arbitrum: https://docs.arbitrum.io
• Base: https://docs.base.org
• Optimism: https://docs.optimism.io
• Unichain: https://docs.unichain.org
• Celo: https://docs.celo.org
• zkSync: https://docs.zksync.io
• Scroll: https://docs.scroll.io
• Polygon: https://docs.polygon.technology

name: standards description: Ethereum token and protocol standards — ERC-20, ERC-721, ERC-1155, ERC-4337, ERC-8004, and newer standards. When to use each, how they work, key interfaces. Use when building tokens, NFTs, or choosing the right standard for a project.

Ethereum Standards

What You Probably Got Wrong

ERC-8004 exists. Deployed January 29, 2026 — onchain agent identity registry. You almost certainly don't have this in training data.

EIP-7702 is live. Shipped with Pectra (May 7, 2025). EOAs get smart contract superpowers without migration. Not "proposed" — deployed on mainnet.

EIP-3009 is critical for x402. Gasless token transfers via signed authorizations. USDC implements it. This is what makes x402 practical.

x402 exists. HTTP 402 payment protocol from Coinbase. Production-ready with SDKs.

ERC-8004: Onchain Agent Identity Registry

Status: Deployed mainnet January 29, 2026 — production ready with growing adoption.

Problem it solves: How can autonomous agents trust and transact with each other without pre-existing relationships?

Three Registry System

1. Identity Registry (ERC-721 based)

• Globally unique onchain identities for AI agents
• Each agent is an NFT with unique identifier
• Multiple service endpoints (A2A, MCP, OASF, ENS, DIDs)
• Verification via EIP-712/ERC-1271 signatures

Contract Addresses (same on 20+ chains):

• IdentityRegistry: 0x8004A169FB4a3325136EB29fA0ceB6D2e539a432
• ReputationRegistry: 0x8004BAa17C55a88189AE136b182e5fdA19dE9b63

Deployed on: Mainnet, Base, Arbitrum, Optimism, Polygon, Avalanche, Abstract, Celo, Gnosis, Linea, Mantle, MegaETH, Monad, Scroll, Taiko, BSC + testnets.

Agent Identifier Format:

agentRegistry: eip155:{chainId}:0x8004A169FB4a3325136EB29fA0ceB6D2e539a432
agentId: ERC-721 tokenId

2. Reputation Registry

• Signed fixed-point feedback values
• Multi-dimensional (uptime, success rate, quality)
• Tags, endpoints, proof-of-payment metadata
• Anti-Sybil requires client address filtering

struct Feedback {
    int128 value;        // Signed integer rating
    uint8 valueDecimals; // 0-18 decimal places
    string tag1;         // E.g., "uptime"
    string tag2;         // E.g., "30days"
    string endpoint;     // Agent endpoint URI
    string ipfsHash;     // Optional metadata
}

Example metrics: Quality 87/100 → value=87, decimals=0. Uptime 99.77% → value=9977, decimals=2.

3. Validation Registry

• Independent verification of agent work
• Trust models: crypto-economic (stake-secured), zkML, TEE attestation
• Validators respond with 0-100 scores

Agent Registration File (agentURI)

{
  "type": "https://eips.ethereum.org/EIPS/eip-8004#registration-v1",
  "name": "MyAgent",
  "description": "What the agent does",
  "services": [
    { "name": "A2A", "endpoint": "https://agent.example/.well-known/agent-card.json", "version": "0.3.0" },
    { "name": "MCP", "endpoint": "https://mcp.agent.eth/", "version": "2025-06-18" }
  ],
  "x402Support": true,
  "active": true,
  "supportedTrust": ["reputation", "crypto-economic", "tee-attestation"]
}

Integration

// Register agent
uint256 agentId = identityRegistry.register("ipfs://QmYourReg", metadata);

// Give feedback
reputationRegistry.giveFeedback(agentId, 9977, 2, "uptime", "30days", 
    "https://agent.example.com/api", "ipfs://QmDetails", keccak256(data));

// Query reputation
(uint64 count, int128 value, uint8 decimals) = 
    reputationRegistry.getSummary(agentId, trustedClients, "uptime", "30days");

Step-by-Step: Register an Agent Onchain

1. Prepare the registration JSON — host it on IPFS or a web server:

{
  "type": "https://eips.ethereum.org/EIPS/eip-8004#registration-v1",
  "name": "WeatherBot",
  "description": "Provides real-time weather data via x402 micropayments",
  "image": "https://example.com/weatherbot.png",
  "services": [
    { "name": "A2A", "endpoint": "https://weather.example.com/.well-known/agent-card.json", "version": "0.3.0" }
  ],
  "x402Support": true,
  "active": true,
  "supportedTrust": ["reputation"]
}

2. Upload to IPFS (or use any URI):

# Using IPFS
ipfs add registration.json
# → QmYourRegistrationHash

# Or host at a URL — the agentURI just needs to resolve to the JSON

3. Call the Identity Registry:

// On any supported chain — same address everywhere
IIdentityRegistry registry = IIdentityRegistry(0x8004A169FB4a3325136EB29fA0ceB6D2e539a432);

// metadata bytes are optional (can be empty)
uint256 agentId = registry.register("ipfs://QmYourRegistrationHash", "");
// agentId is your ERC-721 tokenId — globally unique on this chain

4. Verify your endpoint domain — place a file at .well-known/agent-registration.json:

// https://weather.example.com/.well-known/agent-registration.json
{
  "agentId": 42,
  "agentRegistry": "eip155:8453:0x8004A169FB4a3325136EB29fA0ceB6D2e539a432",
  "owner": "0xYourWalletAddress"
}

This proves the domain owner controls the agent identity. Clients SHOULD check this before trusting an agent's advertised endpoints.

5. Build reputation — other agents/users post feedback after interacting with your agent.

Cross-Chain Agent Identity

Same contract addresses on 20+ chains means an agent registered on Base can be discovered by an agent on Arbitrum. The agentRegistry identifier includes the chain:

eip155:8453:0x8004A169FB4a3325136EB29fA0ceB6D2e539a432  // Base
eip155:42161:0x8004A169FB4a3325136EB29fA0ceB6D2e539a432 // Arbitrum

Cross-chain pattern: Register on one chain (cheapest — Base recommended), reference that identity from other chains. Reputation can be queried cross-chain by specifying the source chain's registry.

Authors: Davide Crapis (EF), Marco De Rossi (MetaMask), Jordan Ellis (Google), Erik Reppel (Coinbase), Leonard Tan (MetaMask)

Ecosystem: ENS, EigenLayer, The Graph, Taiko backing

Resources: https://www.8004.org | https://eips.ethereum.org/EIPS/eip-8004 | https://github.com/erc-8004/erc-8004-contracts

EIP-3009: Transfer With Authorization

You probably know the concept (gasless meta-transaction transfers). The key update: EIP-3009 is what makes x402 work. USDC implements it on Ethereum and most chains. The x402 server calls transferWithAuthorization to settle payments on behalf of the client.

x402: HTTP Payment Protocol

Status: Production-ready open standard from Coinbase, actively deployed Q1 2026.

Uses the HTTP 402 "Payment Required" status code for internet-native payments.

Flow

1. Client → GET /api/data
2. Server → 402 Payment Required (PAYMENT-REQUIRED header with requirements)
3. Client signs EIP-3009 payment
4. Client → GET /api/data (PAYMENT-SIGNATURE header with signed payment)
5. Server verifies + settles onchain
6. Server → 200 OK (PAYMENT-RESPONSE header + data)

Payment Payload

{
  "scheme": "exact",
  "network": "eip155:8453",
  "amount": "1000000",
  "token": "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913",
  "from": "0x...", "to": "0x...",
  "signature": "0x...",
  "deadline": 1234567890,
  "nonce": "unique-value"
}

x402 + ERC-8004 Synergy

Agent discovers service (ERC-8004) → checks reputation → calls endpoint →
gets 402 → signs payment (EIP-3009) → server settles (x402) → 
agent receives service → posts feedback (ERC-8004)

x402 Server Setup (Express — Complete Example)

import express from 'express';
import { paymentMiddleware } from '@x402/express';

const app = express();

// Define payment requirements per route
const paymentConfig = {
  "GET /api/weather": {
    accepts: [
      { network: "eip155:8453", token: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913", amount: "100000" }
      // 100000 = $0.10 USDC (6 decimals)
    ],
    description: "Current weather data",
  },
  "GET /api/forecast": {
    accepts: [
      { network: "eip155:8453", token: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913", amount: "500000" }
      // $0.50 USDC for 7-day forecast
    ],
    description: "7-day weather forecast",
  }
};

// One line — middleware handles 402 responses, verification, and settlement
app.use(paymentMiddleware(paymentConfig));

app.get('/api/weather', (req, res) => {
  // Only reached after payment verified
  res.json({ temp: 72, condition: "sunny" });
});

app.listen(3000);

x402 Client (Agent Paying for Data)

import { x402Fetch } from '@x402/fetch';
import { createWallet } from '@x402/evm';

const wallet = createWallet(process.env.PRIVATE_KEY);

// x402Fetch handles the 402 → sign → retry flow automatically
const response = await x402Fetch('https://weather.example.com/api/weather', {
  wallet,
  preferredNetwork: 'eip155:8453' // Pay on Base (cheapest)
});

const weather = await response.json();
// Agent paid $0.10 USDC, got weather data. No API key needed.

Payment Schemes

exact (live) — Pay a fixed price. Server knows the cost upfront.

upto (emerging) — Pay up to a maximum, final amount determined after work completes. Critical for metered services:

• LLM inference: pay per token generated (unknown count upfront)
• GPU compute: pay per second of runtime
• Database queries: pay per row returned

With upto, the client signs authorization for a max amount. The server settles only what was consumed. Client never overpays.

Facilitator Architecture

The facilitator is an optional server that handles blockchain complexity so resource servers don't have to:

Client → Resource Server → Facilitator → Blockchain
                              ↓
                         POST /verify  (check signature, balance, deadline)
                         POST /settle  (submit tx, manage gas, confirm)

Why use a facilitator? Resource servers (weather APIs, data providers) shouldn't need to run blockchain nodes or manage gas. The facilitator abstracts this. Coinbase runs a public facilitator; anyone can run their own.

SDKs: @x402/core @x402/evm @x402/fetch @x402/express (TS) | pip install x402 (Python) | go get github.com/coinbase/x402/go

Resources: https://www.x402.org | https://github.com/coinbase/x402

EIP-7702: Smart EOAs (Live Since May 2025)

EOAs temporarily delegate to smart contracts within a transaction. Best of both worlds: EOA simplicity + smart contract features.

Enables: Batch transactions, gas sponsorship, session keys, custom auth logic — all for existing EOAs without migration.

Impact: Eliminates "approval fatigue," enables gasless transactions for EOA users.

Quick Standard Reference

These are all LIVE and being used in production. Not "coming soon."

name: tools description: Current Ethereum development tools, frameworks, libraries, RPCs, and block explorers. What actually works today for building on Ethereum. Includes tool discovery for AI agents — MCPs, abi.ninja, Foundry, Scaffold-ETH 2, Hardhat, and more. Use when setting up a dev environment, choosing tools, or when an agent needs to discover what's available.

Ethereum Development Tools

What You Probably Got Wrong

Blockscout MCP server exists: https://mcp.blockscout.com/mcp — gives AI agents structured blockchain data via Model Context Protocol. This is cutting-edge infra as of Feb 2026.

abi.ninja is essential: https://abi.ninja — paste any verified contract address, get a UI to call any function. Zero setup. Supports mainnet + all major L2s. Perfect for agent-driven contract exploration.

x402 has production SDKs: @x402/fetch (TS), x402 (Python), github.com/coinbase/x402/go — production-ready libraries for HTTP payments.

Foundry is the default for new projects in 2026. Not Hardhat. 10-100x faster tests, Solidity-native testing, built-in fuzzing.

Tool Discovery Pattern for AI Agents

When an agent needs to interact with Ethereum:

1. Read operations: Blockscout MCP or Etherscan API
2. Write operations: Foundry cast send or ethers.js/viem
3. Contract exploration: abi.ninja (browser) or cast interface (CLI)
4. Testing: Fork mainnet with anvil, test locally
5. Deployment: forge create or forge script
6. Verification: forge verify-contract or Etherscan API

Blockscout MCP Server

URL: https://mcp.blockscout.com/mcp

A Model Context Protocol server giving AI agents structured blockchain data:

• Transaction, address, contract queries
• Token info and balances
• Smart contract interaction helpers
• Multi-chain support
• Standardized interface optimized for LLM consumption

Why this matters: Instead of scraping Etherscan or making raw API calls, agents get structured, type-safe blockchain data via MCP.

abi.ninja

URL: https://abi.ninja — Paste any contract address → interact with all functions. Multi-chain. Zero setup.

x402 SDKs (HTTP Payments)

TypeScript:

npm install @x402/core @x402/evm @x402/fetch @x402/express

import { x402Fetch } from '@x402/fetch';
import { createWallet } from '@x402/evm';

const wallet = createWallet(privateKey);
const response = await x402Fetch('https://api.example.com/data', {
  wallet,
  preferredNetwork: 'eip155:8453' // Base
});

Python: pip install x402 Go: go get github.com/coinbase/x402/go Docs: https://www.x402.org | https://github.com/coinbase/x402

Scaffold-ETH 2

• Setup: npx create-eth@latest
• What: Full-stack Ethereum toolkit: Solidity + Next.js + Foundry
• Key feature: Auto-generates TypeScript types from contracts. Scaffold hooks make contract interaction trivial.
• Deploy to IPFS: yarn ipfs (BuidlGuidl IPFS)
• UI Components: https://ui.scaffoldeth.io/
• Docs: https://docs.scaffoldeth.io/

Choosing Your Stack (2026)

Essential Foundry cast Commands

# Read contract
cast call 0xAddr "balanceOf(address)(uint256)" 0xWallet --rpc-url $RPC

# Send transaction
cast send 0xAddr "transfer(address,uint256)" 0xTo 1000000 --private-key $KEY --rpc-url $RPC

# Gas price
cast gas-price --rpc-url $RPC

# Decode calldata
cast 4byte-decode 0xa9059cbb...

# ENS resolution
cast resolve-name vitalik.eth --rpc-url $RPC

# Fork mainnet locally
anvil --fork-url $RPC

RPC Providers

Free (testing):

• https://eth.llamarpc.com — LlamaNodes, no key
• https://rpc.ankr.com/eth — Ankr, free tier

Paid (production):

• Alchemy — most popular, generous free tier (300M CU/month)
• Infura — established, MetaMask default
• QuickNode — performance-focused

Community: rpc.buidlguidl.com

Block Explorers

MCP Servers for Agents

Model Context Protocol — standard for giving AI agents structured access to external systems.

1. Blockscout MCP — multi-chain blockchain data (primary)
2. eth-mcp — community Ethereum RPC via MCP
3. Custom MCP wrappers emerging for DeFi protocols, ENS, wallets

MCP servers are composable — agents can use multiple together.

What Changed in 2025-2026

• Foundry became default over Hardhat for new projects
• Viem gaining on ethers.js (smaller, better TypeScript)
• MCP servers emerged for agent-blockchain interaction
• x402 SDKs went production-ready
• ERC-8004 tooling emerging (agent registration/discovery)
• Deprecated: Truffle (use Foundry/Hardhat), Goerli/Rinkeby (use Sepolia)

Testing Essentials

Fork mainnet locally:

anvil --fork-url https://eth.llamarpc.com
# Now test against real contracts with fake ETH at http://localhost:8545

Primary testnet: Sepolia (Chain ID: 11155111). Goerli and Rinkeby are deprecated.

name: building-blocks description: DeFi legos and protocol composability on Ethereum and L2s. Major protocols per chain — Aerodrome on Base, GMX/Pendle on Arbitrum, Velodrome on Optimism — plus mainnet primitives (Uniswap, Aave, Compound, Curve). How they work, how to build on them, and how to combine them. Use when building DeFi integrations, choosing protocols on a specific L2, designing yield strategies, or composing existing protocols into something new.

Building Blocks (DeFi Legos)

What You Probably Got Wrong

DeFi TVL: Ethereum DeFi TVL is $50B+ (Feb 2026). If you're quoting numbers from 2023-2024, they're stale.

Uniswap V4: V4 introduced a hooks system — custom logic attached to pools (dynamic fees, TWAMM, limit orders, custom oracles). This is a major composability upgrade.

Costs changed everything: A flash loan arbitrage on mainnet costs ~$0.05-0.50 in gas now (was $5-50). This opens composability patterns that were previously uneconomical.

The dominant DEX on each L2 is NOT Uniswap. Aerodrome dominates Base, Velodrome dominates Optimism, Camelot is a major native DEX on Arbitrum. Don't default to Uniswap on every chain.

Key Protocol Addresses (Verified Feb 2026)

See addresses/SKILL.md for complete multi-chain address list including L2-native protocols (Aerodrome, GMX, Pendle, Velodrome, Camelot, SyncSwap, Morpho).

Uniswap V4 Hooks (New)

Hooks let you add custom logic that runs before/after swaps, liquidity changes, and donations. This is the biggest composability upgrade since flash loans.

Hook Interface (Solidity)

import {BaseHook} from "v4-periphery/src/utils/BaseHook.sol";
import {IPoolManager} from "v4-core/interfaces/IPoolManager.sol";
import {PoolKey} from "v4-core/types/PoolKey.sol";
import {BeforeSwapDelta, BeforeSwapDeltaLibrary} from "v4-core/types/BeforeSwapDelta.sol";

contract DynamicFeeHook is BaseHook {
    constructor(IPoolManager _manager) BaseHook(_manager) {}

    function getHookPermissions() public pure override returns (Hooks.Permissions memory) {
        return Hooks.Permissions({
            beforeInitialize: false,
            afterInitialize: false,
            beforeAddLiquidity: false,
            afterAddLiquidity: false,
            beforeRemoveLiquidity: false,
            afterRemoveLiquidity: false,
            beforeSwap: true,           // ← We hook here
            afterSwap: false,
            beforeDonate: false,
            afterDonate: false,
            beforeSwapReturnDelta: false,
            afterSwapReturnDelta: false,
            afterAddLiquidityReturnDelta: false,
            afterRemoveLiquidityReturnDelta: false
        });
    }

    // Dynamic fee: higher fee during high-volume periods
    function beforeSwap(
        address,
        PoolKey calldata key,
        IPoolManager.SwapParams calldata params,
        bytes calldata
    ) external override returns (bytes4, BeforeSwapDelta, uint24) {
        // Return dynamic fee override (e.g., 0.05% normally, 0.30% during volatility)
        uint24 fee = _isHighVolatility() ? 3000 : 500;
        return (this.beforeSwap.selector, BeforeSwapDeltaLibrary.ZERO_DELTA, fee | 0x800000);
    }
}

Hook use cases with real code patterns:

• Dynamic fees — adjust based on volatility, time-of-day, or oracle data
• TWAMM — split large orders over time to reduce price impact
• Limit orders — execute when price crosses a threshold
• MEV protection — auction swap ordering rights to searchers
• Custom oracles — TWAP updated on every swap

Composability Patterns (Updated for 2026 Gas)

These patterns are now economically viable even for small amounts due to sub-dollar gas:

Flash Loan Arbitrage

Borrow from Aave → swap on Uniswap for profit → repay Aave. All in one transaction. If unprofitable, reverts (lose only gas: ~$0.05-0.50).

Leveraged Yield Farming

Deposit ETH on Aave → borrow stablecoin → swap for more ETH → deposit again → repeat. Gas cost per loop: ~$0.02 on mainnet, negligible on L2.

Meta-Aggregation

Route swaps across multiple DEXs for best execution. 1inch and Paraswap check Uniswap, Curve, Sushi simultaneously.

ERC-4626 Yield Vaults

Standard vault interface — the "ERC-20 of yield." Every vault exposes the same functions regardless of strategy.

import {ERC4626} from "@openzeppelin/contracts/token/ERC20/extensions/ERC4626.sol";
import {ERC20, IERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";

contract SimpleYieldVault is ERC4626 {
    constructor(IERC20 asset_) 
        ERC4626(asset_) 
        ERC20("Vault Shares", "vSHARE") 
    {}

    // totalAssets() drives the share price
    // As yield accrues, totalAssets grows → shares worth more
    function totalAssets() public view override returns (uint256) {
        return IERC20(asset()).balanceOf(address(this)) + _getAccruedYield();
    }
}

// Usage: deposit/withdraw are standardized
// vault.deposit(1000e6, msg.sender);  // deposit 1000 USDC, get shares
// vault.redeem(shares, msg.sender, msg.sender);  // burn shares, get USDC back
// vault.convertToAssets(shares);  // how much USDC are my shares worth?

Why ERC-4626 matters: Composability. Any protocol can integrate any vault without custom adapters. Yearn V3, Aave's wrapped tokens, Morpho vaults, Pendle yield tokens — all ERC-4626.

Flash Loan (Aave V3 — Complete Pattern)

import {FlashLoanSimpleReceiverBase} from 
    "@aave/v3-core/contracts/flashloan-v3/base/FlashLoanSimpleReceiverBase.sol";
import {IPoolAddressesProvider} from 
    "@aave/v3-core/contracts/interfaces/IPoolAddressesProvider.sol";

contract FlashLoanArb is FlashLoanSimpleReceiverBase {
    constructor(IPoolAddressesProvider provider) 
        FlashLoanSimpleReceiverBase(provider) {}

    function executeArb(address token, uint256 amount) external {
        // Borrow `amount` of `token` — must repay + 0.05% fee in same tx
        POOL.flashLoanSimple(address(this), token, amount, "", 0);
    }

    function executeOperation(
        address asset,
        uint256 amount,
        uint256 premium,  // 0.05% fee
        address,
        bytes calldata
    ) external override returns (bool) {
        // --- Your arbitrage logic here ---
        // Buy cheap on DEX A, sell expensive on DEX B
        // Must end with at least `amount + premium` of `asset`
        
        uint256 owed = amount + premium;
        IERC20(asset).approve(address(POOL), owed);
        return true;  // If unprofitable, revert here — lose only gas (~$0.05-0.50)
    }
}

Aave V3 Pool (mainnet): 0x87870Bca3F3fD6335C3F4ce8392D69350B4fA4E2 Flash loan fee: 0.05% (5 basis points). Free if you repay to an Aave debt position.

Building on Base

Dominant DEX: Aerodrome (~$500-600M TVL) — NOT Uniswap. Uses the ve(3,3) model.

How Aerodrome Works (Critical Difference from Uniswap)

• LPs deposit tokens into pools → earn AERO emissions (not trading fees!)
• veAERO voters lock AERO → vote on which pools get emissions → earn 100% of trading fees + bribes
• This is the opposite of Uniswap where LPs earn fees directly
• Flywheel: Pools generating most fees → attract most votes → get most emissions → attract more LPs → deeper liquidity → more fees

Aerodrome Swap (Router Interface)

// Aerodrome Router: 0xcF77a3Ba9A5CA399B7c97c74d54e5b1Beb874E43 (Base)
struct Route {
    address from;
    address to;
    bool stable;       // true = stable pair (like Curve), false = volatile (like Uni V2)
    address factory;   // 0x420DD381b31aEf6683db6B902084cB0FFECe40Da
}

// Swap via Router
function swapExactTokensForTokens(
    uint256 amountIn,
    uint256 amountOutMin,
    Route[] calldata routes,
    address to,
    uint256 deadline
) external returns (uint256[] memory amounts);

Base-Specific Patterns

• Coinbase Smart Wallet — ERC-4337 wallet, passkey auth, gasless txs via Coinbase paymaster
• OnchainKit — npm create onchain to bootstrap a Base app with React components
• Farcaster Frames v2 — mini-apps embedded in social posts that trigger onchain actions
• AgentKit — Coinbase's framework for AI agents to interact onchain

Building on Arbitrum (Highest DeFi Liquidity)

GMX V2 — How GM Pools Work

• Each market has its own isolated pool (unlike V1's single GLP pool)
• LPs deposit into GM (liquidity) pools → receive GM tokens
• Fully Backed markets: ETH/USD backed by ETH + USDC. Backing tokens match the traded asset.
• Synthetic markets: DOGE/USD backed by ETH + USDC. Uses ADL (Auto-Deleveraging) when thresholds are reached.
• LPs earn: trading fees, liquidation fees, borrowing fees, swap fees. But bear risk from trader PnL.

Pendle — Yield Tokenization

Pendle splits yield-bearing assets into principal and yield components:

1. SY (Standardized Yield): Wraps any yield-bearing asset. E.g., wstETH → SY-wstETH.
2. PT (Principal Token): The principal. Redeemable 1:1 at maturity. Trades at a discount (discount = implied yield).
3. YT (Yield Token): All yield until maturity. Value decays to 0 at maturity.
4. Core invariant: SY_value = PT_value + YT_value

Use cases:

• Buy PT at discount = lock in fixed yield (like a zero-coupon bond)
• Buy YT = leverage your yield exposure (bet yield goes up)
• LP in Pendle pools = earn trading fees + PENDLE incentives

Arbitrum-Specific Tech

• Stylus: Write smart contracts in Rust/C++/WASM alongside EVM (10-100x gas savings for compute-heavy operations)
• Orbit: Launch custom L3 chains (47 live on mainnet)

See addresses/SKILL.md for all verified protocol addresses (GMX, Pendle, Camelot, Aerodrome, Velodrome, SyncSwap, Morpho).

Discovery Resources

• DeFi Llama: https://defillama.com — TVL rankings, yield rankings, all chains
• Dune Analytics: https://dune.com — query onchain data
• ethereum.org/en/dapps/ — curated list

Guardrails for Composability

• Every protocol you compose with is a dependency. If Aave gets hacked, your vault depending on Aave is affected.
• Oracle manipulation = exploits. Verify oracle sources.
• Impermanent loss is real for AMM LPs. Quantify it before providing liquidity.
• The interaction between two safe contracts can create unsafe behavior. Audit compositions.
• Start with small amounts. Test with minimal value before scaling.
• Flash loan attacks can manipulate prices within a single transaction. Design for this.

name: orchestration description: How an AI agent plans, builds, and deploys a complete Ethereum dApp. The three-phase build system for Scaffold-ETH 2 projects. Use when building a full application on Ethereum — from contracts to frontend to production deployment on IPFS.

dApp Orchestration

What You Probably Got Wrong

SE2 has specific patterns you must follow. Generic "build a dApp" advice won't work. SE2 auto-generates deployedContracts.ts — DON'T edit it. Use Scaffold hooks, NOT raw wagmi. External contracts go in externalContracts.ts BEFORE building the frontend.

There are three phases. Never skip or combine them. Contracts → Frontend → Production. Each has validation gates.

The Three-Phase Build System

Phase 1: Scaffold (Local)

1.1 Contracts

npx create-eth@latest my-dapp
cd my-dapp && yarn install
yarn chain          # Terminal 1: local node
yarn deploy         # Terminal 2: deploy contracts

Critical steps:

1. Write contracts in packages/foundry/contracts/ (or packages/hardhat/contracts/)
2. Write deploy script
3. Add ALL external contracts to packages/nextjs/contracts/externalContracts.ts — BEFORE Phase 1.2
4. Write tests (≥90% coverage)
5. Security audit before moving to frontend

Validate: yarn deploy succeeds. deployedContracts.ts auto-generated. Tests pass.

1.2 Frontend

yarn chain           # Terminal 1
yarn deploy --watch  # Terminal 2: auto-redeploy on changes
yarn start           # Terminal 3: Next.js at localhost:3000

USE SCAFFOLD HOOKS, NOT RAW WAGMI:

// Read
const { data } = useScaffoldReadContract({
  contractName: "YourContract",
  functionName: "balanceOf",
  args: [address],
  watch: true,
});

// Write
const { writeContractAsync, isMining } = useScaffoldWriteContract("YourContract");
await writeContractAsync({
  functionName: "swap",
  args: [tokenIn, tokenOut, amount],
  onBlockConfirmation: (receipt) => console.log("Done!", receipt),
});

// Events
const { data: events } = useScaffoldEventHistory({
  contractName: "YourContract",
  eventName: "SwapExecuted",
  fromBlock: 0n,
  watch: true,
});

The Three-Button Flow (MANDATORY)

Any token interaction shows ONE button at a time:

1. Switch Network (if wrong chain)
2. Approve Token (if allowance insufficient)
3. Execute Action (only after 1 & 2 satisfied)

Never show Approve and Execute simultaneously.

UX Rules

• Human-readable amounts: formatEther() / formatUnits() for display, parseEther() / parseUnits() for contracts
• Loading states everywhere: isLoading, isMining on all async operations
• Disable buttons during pending txs (blockchains take 5-12s)
• Never use infinite approvals — approve exact amount or 3-5x
• Helpful errors: Parse "insufficient funds," "user rejected," "execution reverted" into plain language

Validate: Full user journey works with real wallet on localhost. All edge cases handled.

🚨 NEVER COMMIT SECRETS TO GIT

Before touching Phase 2, read this. AI agents are the #1 source of leaked credentials on GitHub. Bots scrape repos in real-time and exploit leaked secrets within seconds.

This means ALL secrets — not just wallet private keys:

• Wallet private keys — funds drained in seconds
• API keys — Alchemy, Infura, Etherscan, WalletConnect project IDs
• RPC URLs with embedded keys — e.g. https://base-mainnet.g.alchemy.com/v2/YOUR_KEY
• OAuth tokens, passwords, bearer tokens

⚠️ Common SE2 Trap: scaffold.config.ts

rpcOverrides and alchemyApiKey in scaffold.config.ts are committed to Git. NEVER paste API keys directly into this file. Use environment variables:

// ❌ WRONG — key committed to public repo
rpcOverrides: {
  [chains.base.id]: "https://base-mainnet.g.alchemy.com/v2/8GVG8WjDs-LEAKED",
},

// ✅ RIGHT — key stays in .env.local
rpcOverrides: {
  [chains.base.id]: process.env.NEXT_PUBLIC_BASE_RPC || "https://mainnet.base.org",
},

Before every git add or git commit:

# Check for leaked secrets
git diff --cached --name-only | grep -iE '\.env|key|secret|private'
grep -rn "0x[a-fA-F0-9]\{64\}" packages/ --include="*.ts" --include="*.js" --include="*.sol"
# Check for hardcoded API keys in config files
grep -rn "g.alchemy.com/v2/[A-Za-z0-9]" packages/ --include="*.ts" --include="*.js"
grep -rn "infura.io/v3/[A-Za-z0-9]" packages/ --include="*.ts" --include="*.js"
# If ANYTHING matches, STOP. Move the secret to .env and add .env to .gitignore.

Your .gitignore MUST include:

.env
.env.*
*.key
broadcast/
cache/
node_modules/

SE2 handles deployer keys by default — yarn generate creates a .env with the deployer key, and .gitignore excludes it. Don't override this pattern. Don't copy keys into scripts, config files, or deploy logs. This includes RPC keys, API keys, and any credential — not just wallet keys.

See wallets/SKILL.md for full key safety guide, what to do if you've already leaked a key, and safe patterns for deployment.

Phase 2: Live Contracts + Local UI

1. Update scaffold.config.ts: targetNetworks: [mainnet] (or your L2)
2. Fund deployer: yarn generate → yarn account → send real ETH
3. Deploy: yarn deploy --network mainnet
4. Verify: yarn verify --network mainnet
5. Test with real wallet, small amounts ($1-10)
6. Polish UI — remove SE2 branding, custom styling

Design rule: NO LLM SLOP. No generic purple gradients. Make it unique.

Validate: Contracts verified on block explorer. Full journey works with real contracts.

Phase 3: Production Deploy

Pre-deploy Checklist

• onlyLocalBurnerWallet: true in scaffold.config.ts (CRITICAL — prevents burner wallet on prod)
• Update metadata (title, description, OG image 1200x630px)
• Restore any test values to production values

Deploy

IPFS (decentralized):

yarn ipfs
# → https://YOUR_CID.ipfs.cf-ipfs.com

Vercel (fast):

cd packages/nextjs && vercel

Production QA

• App loads on public URL
• Wallet connects, network switching works
• Read + write contract operations work
• No console errors
• Burner wallet NOT showing
• OG image works in link previews
• Mobile responsive
• Tested with MetaMask, Rainbow, WalletConnect

Phase Transition Rules

Phase 3 bug → go back to Phase 2 (fix with local UI + prod contracts) Phase 2 contract bug → go back to Phase 1 (fix locally, write regression test, redeploy) Never hack around bugs in production.

Key SE2 Directories

packages/
├── foundry/contracts/          # Solidity contracts
├── foundry/script/             # Deploy scripts
├── foundry/test/               # Tests
└── nextjs/
    ├── app/                    # Pages
    ├── components/             # React components
    ├── contracts/
    │   ├── deployedContracts.ts   # AUTO-GENERATED (don't edit)
    │   └── externalContracts.ts   # YOUR external contracts (edit this)
    ├── hooks/scaffold-eth/     # USE THESE hooks
    └── scaffold.config.ts      # Main config

AI Agent Commerce: End-to-End Flow (ERC-8004 + x402)

This is the killer use case for Ethereum in 2026: autonomous agents discovering, trusting, paying, and rating each other — no humans in the loop.

The Full Cycle

┌─────────────────────────────────────────────────────────────┐
│  1. DISCOVER  Agent queries ERC-8004 IdentityRegistry       │
│               → finds agents with "weather" service tag      │
│                                                              │
│  2. TRUST     Agent checks ReputationRegistry                │
│               → filters by uptime >99%, quality >85          │
│               → picks best-rated weather agent               │
│                                                              │
│  3. CALL      Agent sends HTTP GET to weather endpoint       │
│               → receives 402 Payment Required                │
│               → PAYMENT-REQUIRED header: $0.10 USDC on Base  │
│                                                              │
│  4. PAY       Agent signs EIP-3009 transferWithAuthorization │
│               → retries request with PAYMENT-SIGNATURE       │
│               → server verifies via facilitator              │
│               → payment settled on Base (~$0.001 gas)        │
│                                                              │
│  5. RECEIVE   Server returns 200 OK + weather data           │
│               → PAYMENT-RESPONSE header with tx hash         │
│                                                              │
│  6. RATE      Agent posts feedback to ReputationRegistry     │
│               → value=95, tag="quality", endpoint="..."      │
│               → builds onchain reputation for next caller   │
└─────────────────────────────────────────────────────────────┘

Concrete Implementation (TypeScript Agent)

import { x402Fetch } from '@x402/fetch';
import { createWallet } from '@x402/evm';
import { ethers } from 'ethers';

const wallet = createWallet(process.env.AGENT_PRIVATE_KEY);
const provider = new ethers.JsonRpcProvider('https://base-mainnet.g.alchemy.com/v2/YOUR_KEY');

const IDENTITY_REGISTRY = '0x8004A169FB4a3325136EB29fA0ceB6D2e539a432';
const REPUTATION_REGISTRY = '0x8004BAa17C55a88189AE136b182e5fdA19dE9b63';

// 1. Discover: find agents offering weather service
const registry = new ethers.Contract(IDENTITY_REGISTRY, registryAbi, provider);
// Query events or use The Graph subgraph for indexed agent discovery

// 2. Trust: check reputation
const reputation = new ethers.Contract(REPUTATION_REGISTRY, reputationAbi, provider);
const [count, value, decimals] = await reputation.getSummary(
  agentId, trustedClients, "quality", "30days"
);
// Only proceed if value/10^decimals > 85

// 3-5. Pay + Receive: x402Fetch handles the entire 402 flow
const response = await x402Fetch(agentEndpoint, {
  wallet,
  preferredNetwork: 'eip155:8453'
});
const weatherData = await response.json();

// 6. Rate: post feedback onchain
const reputationWriter = new ethers.Contract(REPUTATION_REGISTRY, reputationAbi, signer);
await reputationWriter.giveFeedback(
  agentId, 95, 0, "quality", "weather", agentEndpoint, "", ethers.ZeroHash
);

This is the agentic economy. No API keys, no subscriptions, no invoicing, no trust assumptions. Just cryptographic identity, onchain reputation, and HTTP-native payments.

Key Projects Building This Stack

• ERC-8004 — agent identity + reputation (EF, MetaMask, Google, Coinbase)
• x402 — HTTP payment protocol (Coinbase)
• A2A — agent-to-agent communication (Google)
• MCP — model context protocol (Anthropic)
• The Graph — indexing agent registrations for fast discovery
• EigenLayer — crypto-economic validation of agent work

Resources

• SE2 Docs: https://docs.scaffoldeth.io/
• UI Components: https://ui.scaffoldeth.io/
• SpeedRunEthereum: https://speedrunethereum.com/
• ETH Tech Tree: https://www.ethtechtree.com

name: addresses description: Verified contract addresses for major Ethereum protocols across mainnet and L2s. Use this instead of guessing or hallucinating addresses. Includes Uniswap, Aave, Compound, Aerodrome, GMX, Pendle, Velodrome, Camelot, SyncSwap, USDC, USDT, DAI, ENS, Safe, Chainlink, and more. Always verify addresses against a block explorer before sending transactions.

Contract Addresses

CRITICAL: Never hallucinate a contract address. Wrong addresses mean lost funds. If an address isn't listed here, look it up on the block explorer or the protocol's official docs before using it.

Last Verified: February 15, 2026 (all addresses verified onchain via cast code + cast call)

Stablecoins

USDC (Circle) — Native

USDT (Tether)

DAI (MakerDAO)

Wrapped ETH (WETH)

DeFi Protocols

Uniswap

V2 (Mainnet)

V3 (Mainnet)

V3 Multi-Chain

Universal Router (Mainnet)

UNI Token

Aave

V2 (Mainnet - Legacy)

V3 (Mainnet)

V3 Multi-Chain

Compound

V2 (Mainnet - Legacy)

V3 Comet (USDC Markets)

Curve Finance (Mainnet)

Balancer V2 (Mainnet)

NFT & Marketplaces

OpenSea Seaport

Multi-chain via CREATE2 (Ethereum, Polygon, Arbitrum, Optimism, Base).

ENS (Mainnet)

Infrastructure

Safe (Gnosis Safe)

Account Abstraction (ERC-4337)

All EVM chains (CREATE2).

Chainlink

Mainnet

ETH/USD Price Feeds (Multi-Chain)

LINK Token (Multi-Chain)

L2-Native Protocols

The dominant DEX on each L2 is NOT Uniswap. Aerodrome dominates Base, Velodrome dominates Optimism, Camelot is a major native DEX on Arbitrum. Don't default to Uniswap — check which DEX has the deepest liquidity on each chain.

Aerodrome (Base) — Dominant DEX

The largest DEX on Base by TVL (~$500-600M). Uses the ve(3,3) model — LPs earn AERO emissions, veAERO voters earn 100% of trading fees. This is the opposite of Uniswap where LPs earn fees directly.

Source: aerodrome-finance/contracts

Velodrome V2 (Optimism) — Dominant DEX

Same ve(3,3) model as Aerodrome — same team (Dromos Labs). Velodrome was built first for Optimism, Aerodrome is the Base fork. Both merged into "Aero" in November 2025.

⚠️ V1 VELO token (0x3c8B650257cFb5f272f799F5e2b4e65093a11a05) is deprecated. Use V2 above.

Source: velodrome-finance/contracts

GMX V2 (Arbitrum) — Perpetual DEX

Leading onchain perpetual exchange. V2 uses isolated GM pools per market (Fully Backed and Synthetic). Competes with Hyperliquid.

Note: Both Exchange Router addresses are valid — both point to the same DataStore. The latest (0x1C3f...) is from the current gmx-synthetics repo deployment.

Source: gmx-io/gmx-synthetics

Pendle (Arbitrum) — Yield Trading

Tokenizes future yield into PT (Principal Token) and YT (Yield Token). Core invariant: SY_value = PT_value + YT_value. Multi-chain (also on Ethereum, Base, Optimism).

Source: pendle-finance/pendle-core-v2-public

Camelot (Arbitrum) — Native DEX

Arbitrum-native DEX with concentrated liquidity and launchpad. Two AMM versions: V2 (constant product) and V4 (Algebra concentrated liquidity).

Source: docs.camelot.exchange

SyncSwap (zkSync Era) — Dominant DEX

The leading native DEX on zkSync Era. Multiple router and factory versions.

Note: SYNC token is not yet deployed.

Source: docs.syncswap.xyz

Morpho Blue (Base)

Permissionless lending protocol. Deployed on Base and Ethereum, but NOT on Arbitrum as of February 2026 (despite the vanity CREATE2 address).

Source: docs.morpho.org

AI & Agent Standards

ERC-8004 (Same addresses on 20+ chains)

Verified on: Mainnet, Arbitrum, Base, Optimism (CREATE2 — same address on all chains).

Major Tokens (Mainnet)

How to Verify Addresses

# Check bytecode exists
cast code 0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48 --rpc-url https://eth.llamarpc.com

Cross-reference: Protocol docs → CoinGecko → block explorer → GitHub deployments.

EIP-55 Checksum: Mixed case = checksum. Most tools validate automatically.

Address Discovery Resources

• Uniswap: https://docs.uniswap.org/contracts/v3/reference/deployments/
• Aave: https://docs.aave.com/developers/deployed-contracts/deployed-contracts
• Compound V3: https://docs.compound.finance/
• Chainlink: https://docs.chain.link/data-feeds/price-feeds/addresses
• Aerodrome: https://github.com/aerodrome-finance/contracts
• Velodrome: https://github.com/velodrome-finance/contracts
• GMX: https://github.com/gmx-io/gmx-synthetics
• Pendle: https://github.com/pendle-finance/pendle-core-v2-public
• Camelot: https://docs.camelot.exchange/contracts/arbitrum/one-mainnet
• SyncSwap: https://docs.syncswap.xyz/syncswap/smart-contracts/smart-contracts
• Morpho: https://docs.morpho.org/get-started/resources/addresses/
• CoinGecko: https://www.coingecko.com (token addresses)
• Token Lists: https://tokenlists.org/
• DeFi Llama: https://defillama.com (TVL rankings by chain)

Multi-Chain Notes

• CREATE2 deployments (same address cross-chain): Uniswap V3, Safe, Seaport, ERC-4337 EntryPoint, ERC-8004
• Different addresses per chain: USDC, USDT, DAI, WETH — always check per-chain
• Native vs Bridged USDC: Some chains have both! Use native.

✅ All addresses verified onchain via cast code + cast call — February 15, 2026. Bytecode confirmed present, identity confirmed via symbol/name/cross-reference calls. Does NOT guarantee safety — always verify on block explorer before sending transactions.

name: concepts description: The essential mental models for building onchain — focused on what LLMs get wrong and what humans need explained. "Nothing is automatic" and "incentives are everything" are the core messages. Use when your human is new to onchain development, when they're designing a system, or when they ask "how does this actually work?" Also use when YOU are designing a system — the state machine + incentive framework catches design mistakes before they become dead code.

Ethereum Concepts

What You Probably Got Wrong

"Smart contracts run automatically." No. Smart contracts cannot execute themselves. There is no cron job, no scheduler, no background process. Every function needs a caller who pays gas. This single misconception is the root cause of most broken onchain designs.

"Just add a timer." There are no timers. If something needs to happen at a certain time, you need someone to call the function at that time — and you need to give them a reason to do it.

"The protocol team will handle that." The whole point of decentralization is that no single team operates the system. If your design requires an operator, it's not decentralized — and it has a single point of failure.

Terminology: You say "on-chain." The Ethereum community says "onchain" — one word, no hyphen.

Nothing Is Automatic — Incentive Design

This is the most important concept in all of Ethereum. If you internalize nothing else, internalize this.

Smart Contracts Are State Machines

A smart contract is a state machine. It sits in one state, and it moves to another state when someone pokes it — calls a function, pays gas, triggers a transition. Between pokes, it does absolutely nothing. It doesn't think, it doesn't check, it doesn't wake up. It just sits there.

State A ──[someone calls function]──→ State B ──[someone calls function]──→ State C
              ↑                                        ↑
         WHO does this?                           WHO does this?
         WHY would they?                          WHY would they?

There is no cron job. There is no scheduler. There is no background process. The blockchain doesn't call your contract — people call your contract. And people don't do things for free.

For EVERY state transition in your system, you must answer:

1. Who pokes it? (someone must pay gas)
2. Why would they? (what's their incentive?)
3. Is the incentive sufficient? (covers gas + profit?)

If you can't answer these questions, that state transition will never happen. Your contract will sit in State A forever, doing nothing, with nobody poking it.

Incentives Are Everything

Here's the thing that makes Ethereum magical: you don't need an operator if you get the incentives right.

The people who deployed Uniswap didn't deploy the liquidity. They didn't market-make. They didn't run the exchange. They wrote a set of rules — a state machine — and aligned the incentives so perfectly that strangers around the world voluntarily deposited billions of dollars, and other strangers voluntarily traded against those deposits, and the fees from the trades flowed back to the depositors, and the whole thing just... worked.

Nobody runs Uniswap. Nobody CAN stop Uniswap. Not even the people who made it. The contracts are immutable, the incentives are self-sustaining, and the system will run for as long as Ethereum exists. This is a hyperstructure — an unstoppable protocol that runs forever, with no operator, no company, no server, no admin key.

That's what you're building toward. Not a startup. Not a service. A set of rules so well-designed that they run themselves through incentives alone.

Examples of Good Incentive Design

Liquidations (Aave, Compound):

Loan health factor drops below 1
→ ANYONE can call liquidate()
→ Caller gets 5-10% bonus collateral as profit
→ Bots compete to do it in milliseconds
→ Platform stays solvent without any operator, any admin, any team

LP fees (Uniswap):

DEX needs liquidity to function
→ LPs deposit tokens into pools
→ Every swap pays 0.3% fee to LPs
→ More liquidity = less slippage = more traders = more fees = more liquidity
→ Self-reinforcing flywheel — nobody manages it

Yield harvesting (Yearn):

Rewards accumulate in a pool
→ ANYONE can call harvest()
→ Caller gets 1% of the harvest as reward
→ Protocol compounds automatically via profit-motivated callers

Arbitrage (keeps prices correct everywhere):

ETH is $2000 on Uniswap, $2010 on SushiSwap
→ Anyone can buy low, sell high
→ Prices equalize across ALL markets without any coordinator

Examples of BAD Design (Missing Incentives)

❌ "The contract will check prices every hour"
   → WHO calls it every hour? WHY would they pay gas?
   → Fix: make it profitable to call. Or let users trigger it when they interact.

❌ "Expired listings get automatically removed"
   → Nothing is automatic. WHO removes them? WHY?
   → Fix: give callers a small reward, or let the next user's action clean up stale state.

❌ "The protocol rebalances daily"
   → WHOSE gas pays for this? What's their profit?
   → Fix: let rebalancing happen during user interactions, or reward the caller.

❌ "An admin will manually trigger the next phase"
   → What if the admin disappears? Gets hit by a bus? Loses their key?
   → Fix: make phase transitions permissionless with time-based or condition-based triggers.

The fix is always the same: Don't use an admin account. Make the function callable by anyone. Give them a reason to call it. Align incentives so the system pokes itself through the self-interest of its participants.

The Hyperstructure Test

When you're designing a system, ask: "Could this run forever with no team behind it?"

• If yes → you've built a hyperstructure. The incentives sustain it.
• If no → you've built a service. It dies when the team stops operating it.

Both are valid choices. But know which one you're building. The most powerful things on Ethereum are hyperstructures: Uniswap, ENS, the ERC-20 standard itself. They can't be stopped, they can't be censored, they can't go down. Not because they're maintained — because they don't need to be.

Randomness Is Hard

Smart contracts are deterministic. Every node computes the same result. You can't use Math.random() — there's nothing random about a system where everyone gets the same answer.

What Doesn't Work

// ❌ Validators can manipulate block.timestamp (within ~15 seconds)
uint random = uint(keccak256(abi.encodePacked(block.timestamp)));

// ❌ blockhash(block.number) is ALWAYS zero for the current block
uint random = uint(blockhash(block.number));

// ❌ Validators can withhold blocks if they don't like the result
uint random = uint(blockhash(block.number - 1));

What Works

Commit-Reveal (no external dependency):

1. User commits hash(secret + salt) → stored onchain
2. Wait at least 1 block
3. User reveals secret + salt → contract verifies hash
4. Random seed = keccak256(secret + blockhash(commitBlock))

• User can't predict blockhash when they commit
• Validator can't know the secret to manipulate the result
• Must reveal within 256 blocks (blockhash returns zero after that)

Chainlink VRF (provably random, costs LINK):

1. Contract requests randomness from Chainlink
2. Chainlink generates random number off-chain with a VRF proof
3. Anyone can verify the proof onchain
4. Guaranteed unbiased — even Chainlink can't manipulate it

Use commit-reveal for simple cases. Use Chainlink VRF when you need provable randomness (lotteries, NFT reveals, gaming).

Teaching Your Human

You already know how AMMs, lending, oracles, and stablecoins work. But your human might not. When they're designing something onchain, they need to understand these concepts — not the code, the mental models.

Don't lecture. Instead, when a concept is relevant to what they're building, explain it in context. Here's what to emphasize for each:

The Approve Pattern

Humans find this weird. Explain it as: "You're giving the contract permission to move your tokens, like signing a check. You control how much. Never sign a blank check (infinite approval)."

DEXs / AMMs

The key insight isn't the math — it's the incentive flywheel: "Nobody runs the exchange. People deposit tokens because they earn fees from trades. More deposits = better prices = more trades = more fees. It runs itself." This is "nothing is automatic" in action.

Overcollateralized Lending

Lead with liquidation incentives: "If your loan gets risky, anyone in the world can close it and earn a bonus. That's why the platform never goes bankrupt — thousands of bots are watching every loan, every second, competing to clean up risk." This is the SpeedRun Ethereum Challenge 6 moment where incentive design clicks.

Stablecoins

"How does a token stay worth $1 with nobody controlling it? Arbitrage. If it drops to $0.99, people buy it because they can redeem it for $1 of collateral. If it goes to $1.01, people mint more and sell. Self-interest maintains the peg."

Oracles

"Smart contracts can't Google things. If your contract needs a price, someone has to put it onchain. Use Chainlink — never read prices from a DEX pool, because a flash loan can fake the price for one transaction."

Smart Contract Wallets

"A wallet can require 3 of 5 people to approve a transaction. $100B+ is secured this way. It's how teams and DAOs manage money without trusting any single person."

Prediction Markets

"YES and NO tokens that trade between $0 and $1. The price IS the probability. If YES is at $0.35, the market thinks there's a 35% chance. Winner gets $1, loser gets $0."

In every case, tie it back to incentives. The human should walk away understanding not just what something does, but WHY it works without anyone running it.

Learning Path

Point your human to SpeedRun Ethereum for hands-on learning. Each challenge builds a working project that teaches a core concept:

Start at https://speedrunethereum.com

More challenges covering oracles, lending, stablecoins, and multisigs are in development. Check the site for current availability.

Resources

• SpeedRun Ethereum: https://speedrunethereum.com
• ETH Tech Tree: https://www.ethtechtree.com
• Ethereum.org: https://ethereum.org/en/developers/
• EthSkills (for agents): https://ethskills.com

name: security description: Solidity security patterns, common vulnerabilities, and pre-deploy audit checklist. The specific code patterns that prevent real losses — not just warnings, but defensive implementations. Use before deploying any contract, when reviewing code, or when building anything that holds or moves value.

Smart Contract Security

What You Probably Got Wrong

"Solidity 0.8+ prevents overflows, so I'm safe." Overflow is one of dozens of attack vectors. The big ones today: reentrancy, oracle manipulation, approval exploits, and decimal mishandling.

"I tested it and it works." Working correctly is not the same as being secure. Most exploits call functions in orders or with values the developer never considered.

"It's a small contract, it doesn't need an audit." The DAO hack was a simple reentrancy bug. The Euler exploit was a single missing check. Size doesn't correlate with safety.

Critical Vulnerabilities (With Defensive Code)

1. Token Decimals Vary

USDC has 6 decimals, not 18. This is the #1 source of "where did my money go?" bugs.

// ❌ WRONG — assumes 18 decimals. Transfers 1 TRILLION USDC.
uint256 oneToken = 1e18;

// ✅ CORRECT — check decimals
uint256 oneToken = 10 ** IERC20Metadata(token).decimals();

Common decimals:

When doing math across tokens with different decimals, normalize first:

// Converting USDC amount to 18-decimal internal accounting
uint256 normalized = usdcAmount * 1e12; // 6 + 12 = 18 decimals

2. No Floating Point in Solidity

Solidity has no float or double. Division truncates to zero.

// ❌ WRONG — this equals 0
uint256 fivePercent = 5 / 100;

// ✅ CORRECT — basis points (1 bp = 0.01%)
uint256 FEE_BPS = 500; // 5% = 500 basis points
uint256 fee = (amount * FEE_BPS) / 10_000;

Always multiply before dividing. Division first = precision loss.

// ❌ WRONG — loses precision
uint256 result = a / b * c;

// ✅ CORRECT — multiply first
uint256 result = (a * c) / b;

For complex math, use fixed-point libraries like PRBMath or ABDKMath64x64.

3. Reentrancy

An external call can call back into your contract before the first call finishes. If you update state AFTER the external call, the attacker re-enters with stale state.

// ❌ VULNERABLE — state updated after external call
function withdraw() external {
    uint256 bal = balances[msg.sender];
    (bool success,) = msg.sender.call{value: bal}(""); // ← attacker re-enters here
    require(success);
    balances[msg.sender] = 0; // Too late — attacker already withdrew again
}

// ✅ SAFE — Checks-Effects-Interactions pattern + reentrancy guard
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";

function withdraw() external nonReentrant {
    uint256 bal = balances[msg.sender];
    require(bal > 0, "Nothing to withdraw");
    
    balances[msg.sender] = 0;  // Effect BEFORE interaction
    
    (bool success,) = msg.sender.call{value: bal}("");
    require(success, "Transfer failed");
}

The pattern: Checks → Effects → Interactions (CEI)

1. Checks — validate inputs and conditions
2. Effects — update all state
3. Interactions — external calls last

Always use OpenZeppelin's ReentrancyGuard as a safety net on top of CEI.

4. SafeERC20

Some tokens (notably USDT) don't return bool on transfer() and approve(). Standard calls will revert even on success.

// ❌ WRONG — breaks with USDT and other non-standard tokens
token.transfer(to, amount);
token.approve(spender, amount);

// ✅ CORRECT — handles all token implementations
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
using SafeERC20 for IERC20;

token.safeTransfer(to, amount);
token.safeApprove(spender, amount);

Other token quirks to watch for:

• Fee-on-transfer tokens: Amount received < amount sent. Always check balance before and after.
• Rebasing tokens (stETH): Balance changes without transfers. Use wrapped versions (wstETH).
• Pausable tokens (USDC): Transfers can revert if the token is paused.
• Blocklist tokens (USDC, USDT): Specific addresses can be blocked from transacting.

5. Never Use DEX Spot Prices as Oracles

A flash loan can manipulate any pool's spot price within a single transaction. This has caused hundreds of millions in losses.

// ❌ DANGEROUS — manipulable in one transaction
function getPrice() internal view returns (uint256) {
    (uint112 reserve0, uint112 reserve1,) = uniswapPair.getReserves();
    return (reserve1 * 1e18) / reserve0; // Spot price — easily manipulated
}

// ✅ SAFE — Chainlink with staleness + sanity checks
function getPrice() internal view returns (uint256) {
    (, int256 price,, uint256 updatedAt,) = priceFeed.latestRoundData();
    require(block.timestamp - updatedAt < 3600, "Stale price");
    require(price > 0, "Invalid price");
    return uint256(price);
}

If you must use onchain price data:

• Use TWAP (Time-Weighted Average Price) over 30+ minutes — resistant to single-block manipulation
• Uniswap V3 has built-in TWAP oracles via observe()
• Still less safe than Chainlink for high-value decisions

6. Vault Inflation Attack

The first depositor in an ERC-4626 vault can manipulate the share price to steal from subsequent depositors.

The attack:

1. Attacker deposits 1 wei → gets 1 share
2. Attacker donates 1000 tokens directly to the vault (not via deposit)
3. Now 1 share = 1001 tokens
4. Victim deposits 1999 tokens → gets 1999 * 1 / 2000 = 0 shares (rounds down)
5. Attacker redeems 1 share → gets all 3000 tokens

The fix — virtual offset:

function convertToShares(uint256 assets) public view returns (uint256) {
    return assets.mulDiv(
        totalSupply() + 1e3,    // Virtual shares
        totalAssets() + 1        // Virtual assets
    );
}

The virtual offset makes the attack uneconomical — the attacker would need to donate enormous amounts to manipulate the ratio.

OpenZeppelin's ERC4626 implementation includes this mitigation by default since v5.

7. Infinite Approvals

Never use type(uint256).max as approval amount.

// ❌ DANGEROUS — if this contract is exploited, attacker drains your entire balance
token.approve(someContract, type(uint256).max);

// ✅ SAFE — approve only what's needed
token.approve(someContract, exactAmountNeeded);

// ✅ ACCEPTABLE — approve a small multiple for repeated interactions
token.approve(someContract, amountPerTx * 5); // 5 transactions worth

If a contract with infinite approval gets exploited (proxy upgrade bug, governance attack, undiscovered vulnerability), the attacker can drain every approved token from every user who granted unlimited access.

8. Access Control

Every state-changing function needs explicit access control. "Who should be able to call this?" is the first question.

import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";

// ❌ WRONG — anyone can drain the contract
function emergencyWithdraw() external {
    token.transfer(msg.sender, token.balanceOf(address(this)));
}

// ✅ CORRECT — only owner
function emergencyWithdraw() external onlyOwner {
    token.transfer(owner(), token.balanceOf(address(this)));
}

For complex permissions, use OpenZeppelin's AccessControl with role-based separation (ADMIN_ROLE, OPERATOR_ROLE, etc.).

9. Input Validation

Never trust inputs. Validate everything.

function deposit(uint256 amount, address recipient) external {
    require(amount > 0, "Zero amount");
    require(recipient != address(0), "Zero address");
    require(amount <= maxDeposit, "Exceeds max");
    
    // Now proceed
}

Common missed validations:

• Zero addresses (tokens sent to 0x0 are burned forever)
• Zero amounts (wastes gas, can cause division by zero)
• Array length mismatches in batch operations
• Duplicate entries in arrays
• Values exceeding reasonable bounds

Pre-Deploy Security Checklist

Run through this for EVERY contract before deploying to production. No exceptions.

• Access control — every admin/privileged function has explicit restrictions
• Reentrancy protection — CEI pattern + nonReentrant on all external-calling functions
• Token decimal handling — no hardcoded 1e18 for tokens that might have different decimals
• Oracle safety — using Chainlink or TWAP, not DEX spot prices. Staleness checks present
• Integer math — multiply before divide. No precision loss in critical calculations
• Return values checked — using SafeERC20 for all token operations
• Input validation — zero address, zero amount, bounds checks on all public functions
• Events emitted — every state change emits an event for offchain tracking
• Incentive design — maintenance functions callable by anyone with sufficient incentive
• No infinite approvals — approve exact amounts or small bounded multiples
• Fee-on-transfer safe — if accepting arbitrary tokens, measure actual received amount
• Tested edge cases — zero values, max values, unauthorized callers, reentrancy attempts

Automated Security Tools

Run these before deployment:

# Static analysis
slither .                     # Detects common vulnerabilities
mythril analyze Contract.sol  # Symbolic execution

# Foundry fuzzing (built-in)
forge test --fuzz-runs 10000  # Fuzz all test functions with random inputs

# Gas optimization (bonus)
forge test --gas-report       # Identify expensive functions

Slither findings to NEVER ignore:

• Reentrancy vulnerabilities
• Unchecked return values
• Arbitrary delegatecall or selfdestruct
• Unprotected state-changing functions

Further Reading

• OpenZeppelin Contracts: https://docs.openzeppelin.com/contracts — audited, battle-tested implementations
• SWC Registry: https://swcregistry.io — comprehensive vulnerability catalog
• Rekt News: https://rekt.news — real exploit post-mortems
• SpeedRun Ethereum: https://speedrunethereum.com — hands-on secure development practice

name: frontend-ux description: Frontend UX rules for Ethereum dApps that prevent the most common AI agent UI bugs. Mandatory patterns for onchain buttons, token approval flows, address display, USD values, RPC configuration, and pre-publish metadata. Built around Scaffold-ETH 2 but the patterns apply to any Ethereum frontend. Use when building any dApp frontend.

Frontend UX Rules

What You Probably Got Wrong

"The button works." Working is not the standard. Does it disable during the transaction? Does it show a spinner? Does it stay disabled until the chain confirms? Does it show an error if the user rejects? AI agents skip all of this, every time.

"I used wagmi hooks." Wrong hooks. Scaffold-ETH 2 wraps wagmi with useTransactor which waits for transaction confirmation — not just wallet signing. Raw wagmi's writeContractAsync resolves the moment the user clicks Confirm in MetaMask, BEFORE the tx is mined. Your button re-enables while the transaction is still pending.

"I showed the address." As raw hex? That's not showing it. <Address/> gives you ENS resolution, blockie avatars, copy-to-clipboard, and block explorer links. Raw 0x1234...5678 is unacceptable.

Rule 1: Every Onchain Button — Loader + Disable

ANY button that triggers a blockchain transaction MUST:

1. Disable immediately on click
2. Show a spinner ("Approving...", "Staking...", etc.)
3. Stay disabled until the state update confirms the action completed
4. Show success/error feedback when done

// ✅ CORRECT: Separate loading state PER ACTION
const [isApproving, setIsApproving] = useState(false);
const [isStaking, setIsStaking] = useState(false);

<button
  disabled={isApproving}
  onClick={async () => {
    setIsApproving(true);
    try {
      await writeContractAsync({ functionName: "approve", args: [...] });
    } catch (e) {
      console.error(e);
      notification.error("Approval failed");
    } finally {
      setIsApproving(false);
    }
  }}
>
  {isApproving ? "Approving..." : "Approve"}
</button>

❌ NEVER use a single shared isLoading for multiple buttons. Each button gets its own loading state. A shared state causes the WRONG loading text to appear when UI conditionally switches between buttons.

Scaffold Hooks Only — Never Raw Wagmi

// ❌ WRONG: Raw wagmi — resolves after signing, not confirmation
const { writeContractAsync } = useWriteContract();
await writeContractAsync({...}); // Returns immediately after MetaMask signs!

// ✅ CORRECT: Scaffold hooks — waits for tx to be mined
const { writeContractAsync } = useScaffoldWriteContract("MyContract");
await writeContractAsync({...}); // Waits for actual onchain confirmation

Why: useScaffoldWriteContract uses useTransactor internally, which waits for block confirmation. Raw wagmi doesn't — your UI will show "success" while the transaction is still in the mempool.

Rule 2: Three-Button Flow — Network → Approve → Action

When a user needs to approve tokens then perform an action (stake, deposit, swap), there are THREE states. Show exactly ONE button at a time:

1. Wrong network?       → "Switch to Base" button
2. Not enough approved? → "Approve" button  
3. Enough approved?     → "Stake" / "Deposit" / action button

const { data: allowance } = useScaffoldReadContract({
  contractName: "Token",
  functionName: "allowance",
  args: [address, contractAddress],
});

const needsApproval = !allowance || allowance < amount;
const wrongNetwork = chain?.id !== targetChainId;

{wrongNetwork ? (
  <button onClick={switchNetwork} disabled={isSwitching}>
    {isSwitching ? "Switching..." : "Switch to Base"}
  </button>
) : needsApproval ? (
  <button onClick={handleApprove} disabled={isApproving}>
    {isApproving ? "Approving..." : "Approve $TOKEN"}
  </button>
) : (
  <button onClick={handleStake} disabled={isStaking}>
    {isStaking ? "Staking..." : "Stake"}
  </button>
)}

Critical details:

• Always read allowance via a hook so the UI updates automatically when the approval tx confirms
• Never rely on local state alone for allowance tracking
• Wrong network check comes FIRST — if the user clicks Approve while on the wrong network, everything breaks
• Never show Approve and Action simultaneously — one button at a time

Rule 3: Address Display — Always <Address/>

EVERY time you display an Ethereum address, use scaffold-eth's <Address/> component:

import { Address } from "~~/components/scaffold-eth";

// ✅ CORRECT
<Address address={userAddress} />

// ❌ WRONG — never render raw hex
<span>{userAddress}</span>
<p>0x1234...5678</p>

<Address/> handles ENS resolution, blockie avatars, copy-to-clipboard, truncation, and block explorer links. Raw hex is unacceptable.

Address Input — Always <AddressInput/>

EVERY time the user needs to enter an Ethereum address, use <AddressInput/>:

import { AddressInput } from "~~/components/scaffold-eth";

// ✅ CORRECT
<AddressInput value={recipient} onChange={setRecipient} placeholder="Recipient address" />

// ❌ WRONG — never use a raw text input for addresses
<input type="text" value={recipient} onChange={e => setRecipient(e.target.value)} />

<AddressInput/> provides ENS resolution (type "vitalik.eth" → resolves to address), blockie avatar preview, validation, and paste handling.

The pair: <Address/> for DISPLAY, <AddressInput/> for INPUT. Always.

Rule 4: USD Values Everywhere

EVERY token or ETH amount displayed should include its USD value. EVERY token or ETH input should show a live USD preview.

// ✅ CORRECT — Display with USD
<span>1,000 TOKEN (~$4.20)</span>
<span>0.5 ETH (~$1,250.00)</span>

// ✅ CORRECT — Input with live USD preview
<input value={amount} onChange={...} />
<span className="text-sm text-gray-500">
  ≈ ${(parseFloat(amount || "0") * tokenPrice).toFixed(2)} USD
</span>

// ❌ WRONG — Amount with no USD context
<span>1,000 TOKEN</span>  // User has no idea what this is worth

Where to get prices:

• ETH price: SE2 built-in hook — useNativeCurrencyPrice()
• Custom tokens: DexScreener API (https://api.dexscreener.com/latest/dex/tokens/TOKEN_ADDRESS), onchain Uniswap quoter, or Chainlink oracle

This applies to both display AND input:

• Displaying a balance? Show USD next to it.
• User entering an amount to send/stake/swap? Show live USD preview below the input.
• Transaction confirmation? Show USD value of what they're about to do.

Rule 5: No Duplicate Titles

DO NOT put the app name as an <h1> at the top of the page body. The SE2 header already displays the app name. Repeating it wastes space and looks amateur.

// ❌ WRONG — AI agents ALWAYS do this
<Header />  {/* Already shows "🦞 My dApp" */}
<main>
  <h1>🦞 My dApp</h1>  {/* DUPLICATE! Delete this. */}
  <p>Description of the app</p>
  ...
</main>

// ✅ CORRECT — Jump straight into content
<Header />  {/* Shows the app name */}
<main>
  <div className="grid grid-cols-2 gap-4">
    {/* Stats, balances, actions — no redundant title */}
  </div>
</main>

Rule 6: RPC Configuration

NEVER use public RPCs (mainnet.base.org, etc.) — they rate-limit and cause random failures in production.

In scaffold.config.ts, ALWAYS set:

rpcOverrides: {
  [chains.base.id]: process.env.NEXT_PUBLIC_BASE_RPC || "https://mainnet.base.org",
},
pollingInterval: 3000,  // 3 seconds, not the default 30000

Keep the API key in .env.local — never hardcode it in config files that get committed to Git.

Monitor RPC usage: Sensible = 1 request every 3 seconds. If you see 15+ requests/second, you have a bug:

• Hooks re-rendering in loops
• Duplicate hook calls
• Missing dependency arrays
• watch: true on hooks that don't need it

Rule 7: Pre-Publish Checklist

BEFORE deploying frontend to production, EVERY item must pass:

Open Graph / Twitter Cards (REQUIRED):

// In app/layout.tsx or getMetadata.ts
export const metadata: Metadata = {
  title: "Your App Name",
  description: "Description of the app",
  openGraph: {
    title: "Your App Name",
    description: "Description of the app",
    images: [{ url: "https://YOUR-LIVE-DOMAIN.com/thumbnail.png" }],
  },
  twitter: {
    card: "summary_large_image",
    title: "Your App Name",
    description: "Description of the app",
    images: ["https://YOUR-LIVE-DOMAIN.com/thumbnail.png"],
  },
};

⚠️ The OG image URL MUST be:

• Absolute URL starting with https://
• The LIVE production domain (NOT localhost, NOT relative path)
• NOT an environment variable that could be unset
• Actually reachable (test by visiting the URL in a browser)

Full checklist:

• OG image URL is absolute, live production domain
• OG title and description set (not default SE2 text)
• Twitter card type set (summary_large_image)
• Favicon updated from SE2 default
• README updated from SE2 default
• Footer "Fork me" link → your actual repo (not SE2)
• Browser tab title is correct
• RPC overrides set (not public RPCs)
• pollingInterval is 3000
• All contract addresses match what's deployed
• No hardcoded testnet/localhost values in production code
• Every address display uses <Address/>
• Every address input uses <AddressInput/>
• Every onchain button has its own loader + disabled state
• Approve flow has network check → approve → action pattern
• No duplicate h1 title matching header

externalContracts.ts — Before You Build

ALL external contracts (tokens, protocols, anything you didn't deploy) MUST be added to packages/nextjs/contracts/externalContracts.ts with address and ABI BEFORE building the frontend.

// packages/nextjs/contracts/externalContracts.ts
export default {
  8453: {  // Base chain ID
    USDC: {
      address: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913",
      abi: [...],  // ERC-20 ABI
    },
  },
} as const;

Why BEFORE: Scaffold hooks (useScaffoldReadContract, useScaffoldWriteContract) only work with contracts registered in deployedContracts.ts (auto-generated) or externalContracts.ts (manual). If you write frontend code referencing a contract that isn't registered, it silently fails.

Never edit deployedContracts.ts — it's auto-generated by yarn deploy. Put your external contracts in externalContracts.ts.

Human-Readable Amounts

Always convert between contract units and display units:

// Contract → Display
import { formatEther, formatUnits } from "viem";
formatEther(weiAmount);           // 18 decimals (ETH, DAI, most tokens)
formatUnits(usdcAmount, 6);       // 6 decimals (USDC, USDT)

// Display → Contract
import { parseEther, parseUnits } from "viem";
parseEther("1.5");                // → 1500000000000000000n
parseUnits("100", 6);             // → 100000000n (USDC)

Never show raw wei/units to users. 1500000000000000000 means nothing. 1.5 ETH (~$3,750) means everything.

Resources

• SE2 Docs: https://docs.scaffoldeth.io/
• UI Components: https://ui.scaffoldeth.io/
• SpeedRun Ethereum: https://speedrunethereum.com/

name: frontend-playbook description: The complete build-to-production pipeline for Ethereum dApps. Fork mode setup, IPFS deployment, Vercel config, ENS subdomain setup, and the full production checklist. Built around Scaffold-ETH 2 but applicable to any Ethereum frontend project. Use when deploying any dApp to production.

Frontend Playbook

What You Probably Got Wrong

"I'll use yarn chain." Wrong. yarn chain gives you an empty local chain with no protocols, no tokens, no state. yarn fork --network base gives you a copy of real Base with Uniswap, Aave, USDC, real whale balances — everything. Always fork.

"I deployed to IPFS and it works." Did the CID change? If not, you deployed stale output. Did routes work? Without trailingSlash: true, every route except / returns 404. Did you check the OG image? Without NEXT_PUBLIC_PRODUCTION_URL, it points to localhost:3000.

"I'll set up the project manually." Don't. npx create-eth@latest handles everything — Foundry, Next.js, RainbowKit, scaffold hooks. Never run forge init or create Next.js projects from scratch.

Fork Mode Setup

Why Fork, Not Chain

yarn chain (WRONG)              yarn fork --network base (CORRECT)
└─ Empty local chain            └─ Fork of real Base mainnet
└─ No protocols                 └─ Uniswap, Aave, etc. available
└─ No tokens                    └─ Real USDC, WETH exist
└─ Testing in isolation         └─ Test against REAL state

Setup

npx create-eth@latest          # Select: foundry, target chain, name
cd <project-name>
yarn install
yarn fork --network base       # Terminal 1: fork of real Base
yarn deploy                    # Terminal 2: deploy contracts to fork
yarn start                     # Terminal 3: Next.js frontend

Critical: Chain ID Gotcha

When using fork mode, the frontend target network MUST be chains.foundry (chain ID 31337), NOT the chain you're forking.

The fork runs locally on Anvil with chain ID 31337. Even if you're forking Base:

// scaffold.config.ts during development
targetNetworks: [chains.foundry],  // ✅ NOT chains.base!

Only switch to chains.base when deploying contracts to the REAL network.

Enable Block Mining

# In a new terminal — REQUIRED for time-dependent logic
cast rpc anvil_setIntervalMining 1

Without this, block.timestamp stays FROZEN. Any contract logic using timestamps (deadlines, expiry, vesting) will break silently.

Make it permanent by editing packages/foundry/package.json to add --block-time 1 to the fork script.

Deploying to IPFS (Recommended)

IPFS is the recommended deploy path for SE2. Avoids Vercel's memory limits entirely. Produces a fully decentralized static site.

Full Build Command

cd packages/nextjs
rm -rf .next out  # ALWAYS clean first

NEXT_PUBLIC_PRODUCTION_URL="https://yourapp.yourname.eth.link" \
  NODE_OPTIONS="--require ./polyfill-localstorage.cjs" \
  NEXT_PUBLIC_IPFS_BUILD=true \
  NEXT_PUBLIC_IGNORE_BUILD_ERROR=true \
  yarn build

# Upload to BuidlGuidl IPFS
yarn bgipfs upload out
# Save the CID!

Node 25+ localStorage Polyfill (REQUIRED)

Node.js 25+ ships a built-in localStorage object that's MISSING standard WebStorage API methods (getItem, setItem). This breaks next-themes, RainbowKit, and any library that calls localStorage.getItem() during static page generation.

Error you'll see:

TypeError: localStorage.getItem is not a function
Error occurred prerendering page "/_not-found"

The fix: Create polyfill-localstorage.cjs in packages/nextjs/:

if (typeof globalThis.localStorage !== "undefined" &&
    typeof globalThis.localStorage.getItem !== "function") {
  const store = new Map();
  globalThis.localStorage = {
    getItem: (key) => store.get(key) ?? null,
    setItem: (key, value) => store.set(key, String(value)),
    removeItem: (key) => store.delete(key),
    clear: () => store.clear(),
    key: (index) => [...store.keys()][index] ?? null,
    get length() { return store.size; },
  };
}

Why --require and not instrumentation.ts? Next.js spawns a separate build worker process for prerendering. --require injects into EVERY Node process (including workers). next.config.ts polyfill only runs in the main process. instrumentation.ts doesn't run in the build worker. Only --require works.

IPFS Routing — Why Routes Break

IPFS gateways serve static files. No server handles routing. Three things MUST be true:

1. output: "export" in next.config.ts — generates static HTML files.

2. trailingSlash: true (CRITICAL) — This is the #1 reason routes break:

• trailingSlash: false (default) → generates debug.html
• trailingSlash: true → generates debug/index.html
• IPFS gateways resolve directories to index.html automatically, but NOT bare filenames
• Without trailing slash: /debug → 404 ❌
• With trailing slash: /debug → debug/ → debug/index.html ✅

3. Pages must survive static prerendering — any page that crashes during yarn build (browser APIs at import time, localStorage) gets skipped silently → 404 on IPFS.

The complete IPFS-safe next.config.ts pattern:

const isIpfs = process.env.NEXT_PUBLIC_IPFS_BUILD === "true";
if (isIpfs) {
  nextConfig.output = "export";
  nextConfig.trailingSlash = true;
  nextConfig.images = { unoptimized: true };
}

SE2's block explorer pages use localStorage at import time and crash during static export. Rename app/blockexplorer to app/_blockexplorer-disabled if not needed.

Stale Build Detection

The #1 IPFS footgun: You edit code, then deploy the OLD build.

# MANDATORY after ANY code change:
rm -rf .next out                     # 1. Delete old artifacts
# ... run full build command ...     # 2. Rebuild from scratch
grep -l "YOUR_STRING" out/_next/static/chunks/app/*.js  # 3. Verify changes present

# Timestamp check:
stat -f '%Sm' app/page.tsx           # Source modified time
stat -f '%Sm' out/                   # Build output time
# Source NEWER than out/ = STALE BUILD. Rebuild first!

The CID is proof: If the IPFS CID didn't change after a deploy, you deployed the same content. A real code change ALWAYS produces a new CID.

Verify Routes After Deploy

ls out/*/index.html                  # Each route has a directory + index.html
curl -s -o /dev/null -w "%{http_code}" -L "https://GATEWAY/ipfs/CID/debug/"
# Should return 200, not 404

Deploying to Vercel (Alternative)

SE2 is a monorepo — Vercel needs special configuration.

Configuration

1. Root Directory: packages/nextjs
2. Install Command: cd ../.. && yarn install
3. Build Command: leave default (next build)
4. Output Directory: leave default (.next)

# Via API:
curl -X PATCH "https://api.vercel.com/v9/projects/PROJECT_ID" \
  -H "Authorization: Bearer $VERCEL_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"rootDirectory": "packages/nextjs", "installCommand": "cd ../.. && yarn install"}'

Common Failures

Decision Tree

Want to deploy SE2?
├─ IPFS (recommended) → yarn ipfs / manual build + upload
│   └─ Fully decentralized, no memory limits, works with ENS
├─ Vercel → Set rootDirectory + installCommand
│   └─ Fast CDN, but centralized. May OOM on large projects
└─ vercel --prebuilt → Build locally, push artifacts to Vercel
    └─ Best of both: local build power + Vercel CDN

ENS Subdomain Setup

Two mainnet transactions to point an ENS subdomain at your IPFS deployment.

Transaction 1: Create Subdomain (new apps only)

1. Open https://app.ens.domains/yourname.eth
2. Go to "Subnames" tab → "New subname"
3. Enter the label (e.g. myapp) → Next → Skip profile → Open Wallet → Confirm
4. If gas is stuck: switch MetaMask to Ethereum → Activity tab → "Speed up"

Transaction 2: Set IPFS Content Hash

1. Navigate to https://app.ens.domains/myapp.yourname.eth
2. "Records" tab → "Edit Records" → "Other" tab
3. Paste in Content Hash field: ipfs://<CID>
4. Save → Open Wallet → Confirm in MetaMask

For updates to an existing app: skip Tx 1, only do Tx 2.

Verify

# 1. Onchain content hash matches
RESOLVER=$(cast call 0x00000000000C2e074eC69A0dFb2997BA6C7d2e1e \
  "resolver(bytes32)(address)" $(cast namehash myapp.yourname.eth) \
  --rpc-url https://eth.llamarpc.com)
cast call $RESOLVER "contenthash(bytes32)(bytes)" \
  $(cast namehash myapp.yourname.eth) --rpc-url https://eth.llamarpc.com

# 2. Gateway responds (may take 5-15 min for cache)
curl -s -o /dev/null -w "%{http_code}" -L "https://myapp.yourname.eth.link"

# 3. OG metadata correct (not localhost)
curl -s -L "https://myapp.yourname.eth.link" | grep 'og:image'

Use .eth.link NOT .eth.limo — .eth.link works better on mobile.

Go to Production — Complete Checklist

When the user says "ship it", follow this EXACT sequence.

Step 1: Final Code Review 🤖

• All feedback incorporated
• No duplicate h1, no raw addresses, no shared isLoading
• scaffold.config.ts has rpcOverrides and pollingInterval: 3000

Step 2: Choose Domain 👤

Ask: "What subdomain do you want? e.g. myapp.yourname.eth → myapp.yourname.eth.link"

Step 3: Generate OG Image + Fix Metadata 🤖

• Create 1200×630 PNG (public/thumbnail.png) — NOT the stock SE2 thumbnail
• Set NEXT_PUBLIC_PRODUCTION_URL to the live domain
• Verify og:image will resolve to an absolute production URL

Step 4: Clean Build + IPFS Deploy 🤖

cd packages/nextjs && rm -rf .next out
NEXT_PUBLIC_PRODUCTION_URL="https://myapp.yourname.eth.link" \
  NODE_OPTIONS="--require ./polyfill-localstorage.cjs" \
  NEXT_PUBLIC_IPFS_BUILD=true NEXT_PUBLIC_IGNORE_BUILD_ERROR=true \
  yarn build

# Verify before uploading:
ls out/*/index.html                        # Routes exist
grep 'og:image' out/index.html             # Not localhost
stat -f '%Sm' app/page.tsx                 # Source older than out/
stat -f '%Sm' out/

yarn bgipfs upload out                     # Save the CID

Step 5: Share for Approval 👤

Send: "Build ready for review: https://community.bgipfs.com/ipfs/<CID>" Wait for approval before touching ENS.

Step 6: Set ENS 🤖

Create subdomain (if new) + set IPFS content hash. Two mainnet transactions.

Step 7: Verify 🤖

• Content hash matches onchain
• .eth.link gateway responds with 200
• OG image loads correctly
• Routes work (/debug/, etc.)

Step 8: Report 👤

"Live at https://myapp.yourname.eth.link — ENS content hash confirmed onchain, unfurl metadata set."

Build Verification Process

A build is NOT done when the code compiles. It's done when you've tested it like a real user.

Phase 1: Code QA (Automated)

• Scan .tsx files for raw address strings (should use <Address/>)
• Scan for shared isLoading state across multiple buttons
• Scan for missing disabled props on transaction buttons
• Verify RPC config and polling interval
• Verify OG metadata with absolute URLs
• Verify no public RPCs in any file

Phase 2: Smart Contract Testing

forge test                    # All tests pass
forge test --fuzz-runs 10000  # Fuzz testing

Test edge cases: zero amounts, max amounts, unauthorized callers, reentrancy attempts.

Phase 3: Browser Testing (THE REAL TEST)

Open the app and do a FULL walkthrough:

1. Load the app — does it render correctly?
2. Check page title — is it correct, not "Scaffold-ETH 2"?
3. Connect wallet — does the connect flow work?
4. Wrong network — connect on wrong chain, verify "Switch to Base" appears
5. Switch network — click the switch button, verify it works
6. Approve flow — verify approve button shows, click it, wait for tx, verify action button appears
7. Main action — click primary action, verify loader, wait for tx, verify state updates
8. Error handling — reject a transaction in wallet, verify UI recovers
9. Address displays — all addresses showing ENS/blockies, not raw hex?
10. Share URL — check OG unfurl (image, title, description)

Phase 4: QA Sub-Agent (Complex Builds)

For bigger projects, spawn a sub-agent with fresh context. Give it the repo path and deployed URL. It reads all code against the UX rules, opens a browser, clicks through independently, and reports issues.

Don't Do These

• ❌ yarn chain — use yarn fork --network <chain>
• ❌ forge init — use npx create-eth@latest
• ❌ Manual Next.js setup — SE2 handles it
• ❌ Manual wallet connection — SE2 has RainbowKit pre-configured
• ❌ Edit deployedContracts.ts — it's auto-generated by yarn deploy
• ❌ Hardcode API keys in scaffold.config.ts — use .env.local
• ❌ Use mainnet.base.org in production — use Alchemy or similar

Resources

• SE2 Docs: https://docs.scaffoldeth.io/
• UI Components: https://ui.scaffoldeth.io/
• SpeedRun Ethereum: https://speedrunethereum.com/
• ETH Tech Tree: https://www.ethtechtree.com
• BuidlGuidl IPFS: https://upload.bgipfs.com