Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
@floki-inu/contracts
Advanced tools
We use hardhat for local development.
For deployment and contract verification, we use hardhat-deploy.
The relevant folders are:
There is a file src/config.ts
which contains config for all the networks we support, for all projects (e.g. Locker, Staking, Token Launcher).
This file should not have sensitive data, as this is committed to git. Any setup required for deployment or testing that may change between one network and another should be in this file.
There is a .env.example
file. Duplicate it and rename it to .env
, this file is in gitignore and should never be committed.
For deploying, it requires three variables:
You can ask another dev for the first two. The third one we'll see soon.
We do not keep private keys locally as it's not safe. So we extend hardhat using a custom provider which sends transactions to the signer app, which runs in an isolated environment without internet access within our cluster.
The Signer App requires authentication. First, you need to create a user on AWS Cognito.
Go to our Sign Up page and register. If it shows an error message after you register, you can ignore.
Ask an AWS admin to approve your Cognito account.
Once approved, you can login through the Sign In page.
You'll be required to setup MFA. You can use Authy, Google Authenticator or some other TOTP app on your smartphone (or some other device).
Scan the QR Code on the app, provide the code generated by the app, and give your device a name (e.g. My Smartphone). If the login succeeds, you should be redirected to flokifi.com.
With your login working and MFA enabled, you can now generate tokens for deploying contracts.
You need AWS CLI installed.
We have a bash script .auth.sh
to make it easier generating tokens. You can use it like this:
yarn auth
The script will prompt you for your Cognito Username, Password, and the MFA Code which you can get from the TOTP app you used (e.g. Authy).
This script will update the SIGNER_TOKEN
key from the .env
file with an access token from Cognito, which is valid for 1 hour.
Now you can proceed to deploying with hardhat.
yarn hardhat deploy --network goerli --tags Locker
yarn hardhat deploy --network goerli --tags Staking
yarn hardhat deploy --network goerli --tags TokenLauncher
yarn hardhat etherscan-verify --network goerli
yarn test:locker
yarn test:staking
yarn test:token-launcher
Add the names of your facets to the facetsNames
variable in the generateImplementation.ts
file.
Run the following command:
yarn hardhat deploy --network goerli --tags DiamondImplementation
FAQs
We use hardhat for local development.
We found that @floki-inu/contracts demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.