Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
contract-deployments
Advanced tools
Readme
Tool for deploying and upgrading:
Create an .env file with PRIVATE_KEY=0x123....
line
https://app.safe.global
(for example celo: https://app.safe.global/welcome?chain=celo) if true then create safe instance using UIhttps://app.safe.global
npx hardhat create-gnosis-safe
(add it to custom-safes.json
)
Upgrades without defender
section for more detailsdeployments
dir. (example deployments/example.json
)
voltzEthGoerli
(to distinguish contracts deployed between different networks)gelatoUpdaterAddress: 0xc4D1AE5E796E6d7561cdc8335F85e6B57a36e097
npx hardhat --network avalanche-fuji deploy-all --name example
FORK="https://canto.slingshot.finance" npx hardhat verify-upgradability-on-fork --name cadenceCantoEth
ProxyAdmin
contract which has common owner
FORK="https://eth-mainnet.public.blastapi.io" npx hardhat --network hardhat run scripts/upgrade-tests/example-with-rounds-adapter.ts
propose-upgrade
(example npx hardhat propose-upgrade --network avalanche-fuji --name example --initial-contract-name PriceFeedsAdapterVoltzArb --new-contract-name PriceFeedsAdapterVoltzArbProd
)Note: In --no-defender You can also upgrade to concrete impl address instead of deploying new contract. This can be particularly useful, when you want rollback to previous implementation. To do that, we need to pass --new-contract-address
followed by impl address instead of --new-contract-name
. IMPORTANT: be aware that this option doesn't verify if new implementation is safe to upgrade, by verifying source code compatibility.
npx hardhat verify --network mainnet DEPLOYED_CONTRACT_ADDRESS
DEPLOYED_CONTRACT_ADDRESS
should not be proxy contract addressnpx hardhat verify-sources --network avalanche --name example
We cannot use hardhat commnad, we have to do this manually
npx hardhat create-gnosis-safe --signers 0x3d62C20583AefDAe7959bad67D457e6D24d7A656, 0x2d62C20583AefDAe7959bad67D457e6D24d7A656 --threshold 1 --network mantle
proxyAdminOwner
in deployment manifestsnpx hardhat propose-upgrade --network mantle --name mantleMnt --initial-contract-name PriceFeedsAdapterMantleMnt --new-contract-name PriceFeedsAdapterMantleMntV2 --no-defender
LEDGER=2 npx hardhat gnosis-safe-approve --file <<file_name_from_step_2_without_dir_name>> --network mantle
LEDGER
to index of your ledger account in metamask - 44'/60'/0'/0/${process.env.LEDGER}
LEDGER=2 npx hardhat gnosis-safe-approve --file <<file_name_from_step_2_without_dir_name>> --network mantle --execute
getDataFeedIds
and getDataFeedIndex
functions to support new data feedsnpx hardhat deploy-price-feeds-contracts --network ethereum-goerli --name example --adapter 0x3B025A4E7d442c5CAF9F25Fb9d5A66c23d07C076
, where --name
is the name from deployments
dir (example deployments/example.json
) and --adapter
is the address of already deployed adapter contractFAQs
Tool for deploying and upgrading:
The npm package contract-deployments receives a total of 3 weekly downloads. As such, contract-deployments popularity was classified as not popular.
We found that contract-deployments demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.