Unit testing and deploying sensible contracts with Forge

In December 2021, the world’s largest crypto-native funding agency, Paradigm Lab’s CTO Georgios launched a weblog relating to the discharge of a brand new framework for (evm-based) sensible contract improvement, known as Foundry.

It took the Crypto group by storm, and shortly grew to become the business normal for improvement and testing of sensible contracts, owing a lot to its effectivity compared to different frameworks.

As a way to perceive the importance of Foundry, we have to first look into the issues it tries to unravel.

The principle drawback that lies with frameworks like Hardhat and Truffle is that they require the builders to know a scripting language like JavaScript/TypeScript in an effort to work with the framework.

As these scripting languages are net development-heavy, the solidity developer wants not know such languages for the sensible contract improvement as it’s thought-about extra backend oriented.

One other difficulty is that hardhat itself is carried out utilizing TypeScript, so it’s slower than Foundry because the latter is carried out utilizing Rust.

(Be aware: If you’re interested by checking the benchmarks, please take a look at this simulation)

Foundry has a number of cool options except for this like:

• Name stack traces
• Interactive debugger
• Inbuilt-fuzzing
• Solidity scripting

Now, I hope you’ve an outline of Foundry and the need of testing sensible contracts utilizing Solidity. Foundry ships with two wonderful CLI instruments out-of-the-box:

• Forge: Used for testing and deployment of sensible contracts
• Forged: Used to work together with deployed sensible contracts

On this article we’re going to cowl the next:

Let’s get began.

Putting in Foundry

Putting in Foundry is straightforward and easy.

Open up your terminal and run:

curl -L https://foundry.paradigm.xyz | bash && foundryup

As soon as Foundry is put in, you can begin utilizing Forge and Forged straightaway.

For some OS, you may wish to set up rust earlier than putting in Foundry.

Organising a Foundry undertaking

You may immediately setup a Foundry undertaking by straight away by operating

forge init <PROJECT_NAME>

To make your life simpler, I’ve created a template repository, with which you will get began extra simply. It incorporates the required libraries, scripts and listing setup. So, all you’ll want to do is simply run the next command in your terminal:

The above command creates a brand new listing known as foundry-faucet and initializes a brand new Foundry undertaking utilizing my template. This could be the listing construction. The vital directories and information that we wish to concentrate on are:

• lib: This incorporates all of the dependencies/libraries that we’re going to use. For instance, if we wanna use Solmate, it’s going to reside as a git submodule inside this folder
• scripts: This folder has all of the scripts, like deploying and verifying contracts
• src: This folder has all of the contracts and the assessments related to the contracts
• foundry.toml: This file incorporates the configuration choices for the present Foundry undertaking

We must also replace and set up the libraries used; for that run the next instructions:

git submodule replace --init --recursive
forge set up

Making a easy Faucet contract

Now, we’re going to implement a faucet contract for our ERC20 token which may drip tokens when requested. We will additionally prohibit the quantity of tokens per request by setting a restrict which shall be 100 by default in our contract.

Open up the src/Faucet.sol file and add the next code:

// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.13;

import {Ownable} from "openzeppelin-contracts/entry/Ownable.sol";
import {IERC20} from "openzeppelin-contracts/token/ERC20/IERC20.sol";

contract Faucet is Ownable {
   /// Deal with of the token that this faucet drips
   IERC20 public token;

   /// For fee limiting
   mapping(tackle => uint256) public nextRequestAt;
   /// Max token restrict per request
   uint256 public restrict = 100;

   /// @param _token The tackle of the tap's token
   constructor(IERC20 _token) {
       token = _token;
   }

   /// Used to ship the tokens
   /// @param _recipient The tackle of the tokens recipient
   /// @param _amount The quantity of tokens required from the tap
   perform drip(tackle _recipient, uint256 _amount) exterior {
       require(_recipient != tackle(0), "INVALID_RECIPIENT");

       require(_amount <= restrict, "EXCEEDS_LIMIT");

       require(nextRequestAt[_recipient] <= block.timestamp, "TRY_LATER");
       nextRequestAt[_recipient] = block.timestamp + (5 minutes);

       token.switch(_recipient, _amount);
   }

   /// Used to set the max restrict per request
   /// @dev This technique is restricted and needs to be known as solely by the proprietor
   /// @param _limit The brand new restrict for the tokens per request
   perform setLimit(uint256 _limit) exterior onlyOwner {
       restrict = _limit;
   }
}

Our faucet contract has been added. Now we are able to go forward and compile the contracts by operating:

forge construct

If every thing goes properly, you need to see an identical output:

[⠒] Compiling...
[⠒] Compiling 14 information with 0.8.13
Compiler run profitable

Candy! Now we have efficiently arrange our Foundry undertaking and compiled our contract with none errors! Good job, anon 🎉

Now, we are able to go forward and begin testing our Faucet contract.

Unit testing utilizing Forge

As you realize, in contrast to Hardhat, Forge helps us write unit assessments utilizing Solidity.

Should you open the src/check/Faucet.t.sol file you’ll already see some imports of utils and a BaseSetup contract.

It has some preliminary setup that initializes a couple of variables that we are able to use in our assessments. As well as, the setUp() perform is much like beforeEach in hardhat and it runs earlier than each check.

The setUp() perform creates two addresses and labels them Alice and Bob. It’s useful once you attempt to debug by way of name traces because the label seems within the traces together with the tackle.

(Be aware: vm.label is named a cheatcode and it’s particular to Forge; It helps us to do some particular operations by interacting with the digital machine within the check env. We’ll be seeing extra cheatcodes in the course of the course of the article. For the total checklist of cheatcodes, you’ll be able to seek advice from this hyperlink)

Exchange the Faucet.t.sol with the next code to get began with the unit assessments;

// SPDX-License-Identifier: MIT
pragma solidity >=0.8;

import {console} from "forge-std/console.sol";
import {stdStorage, StdStorage, Take a look at} from "forge-std/Take a look at.sol";
import {IERC20} from "openzeppelin-contracts/token/ERC20/IERC20.sol";

import {Utils} from "./utils/Utils.sol";
import {Faucet} from "../Faucet.sol";
import {MockERC20} from "../MockERC20.sol";

contract BaseSetup is Take a look at {
   Utils inside utils;
   Faucet inside faucet;
   MockERC20 inside token;

   tackle payable[] inside customers;
   tackle inside proprietor;
   tackle inside dev;
   uint256 inside faucetBal = 1000;

   perform setUp() public digital {
       utils = new Utils();
       customers = utils.createUsers(2);
       proprietor = customers[0];
       vm.label(proprietor, "Proprietor");
       dev = customers[1];
       vm.label(dev, "Developer");

       token = new MockERC20();
       faucet = new Faucet(IERC20(token));
       token.mint(tackle(faucet), faucetBal);
   }
}

You may see that we’ve now created new state variables like faucet, token and in addition we’ve renamed alice and bob to proprietor and dev for simple interpretation. On this context, dev is somebody who requests tokens from the tap whereas the proprietor is the proprietor of the tap itself.

Within the final three strains of the setUp() technique, we deploy a mock token for the tap, go its tackle within the constructor of the new Faucet() (faucet deployment), after which name and mint some tokens to the deployed faucet contract.

Now, we’ll inherit the BaseSetup contract to put in writing unit assessments for our Faucet contract.

Under the BaseSetup contract, add the next code:

contract FaucetTest is BaseSetup {
   uint256 amountToDrip = 1;

   perform setUp() public override {
       tremendous.setUp();
   }

As talked about earlier, the setUp() technique runs earlier than all of the testcases and right here we’re calling the setUp() technique of the bottom contract which is the BaseSetup contract by way of tremendous.setUp().

Alright, now allow us to begin including unit assessments for our contract. Proper under the setUp() technique of the FaucetTest contract, add the next piece of code:

   perform test_drip_transferToDev() public {
       console.log(
           "Ought to switch tokens to recipient when `drip()` is named"
       );
       uint256 _inititalDevBal = token.balanceOf(dev);

       /// Ensure that preliminary dev steadiness is Zero
       assertEq(_inititalDevBal, 0);

       /// Request some tokens to the dev pockets from the pockets
       faucet.drip(dev, amountToDrip);

       uint256 _devBalAfterDrip = token.balanceOf(dev);

      /// The distinction needs to be equal to the quantity requested from the tap
       assertEq(_devBalAfterDrip - _inititalDevBal, amountToDrip);
   }

The above code helps us to check the drip() technique. The workflow is straightforward.

1. First, retailer the preliminary steadiness of the dev in a variable (_inititalDevBal)
2. Make sure that it’s 0, as we didn’t mint any tokens to the dev. That is what the road assertEq(_inititalDevBal, 0); does
3. Then name the drip() technique from the faucet contract occasion
4. Fetch the steadiness of dev after the drip() is named
5. The distinction between the steadiness of the dev account earlier than and after the drip() needs to be equal to amountToDrip, which is saved as a state variable within the FaucetTest contract

Now, allow us to save the file and run the check: forge check.

It is best to see the output in your terminal one thing much like this:

Cool! Let’s add some extra assessments.

The above check verifies that the drip() technique transfers the tokens to the dev. So, we must also verify that the switch is a sound one, which implies the token steadiness of the tap needs to be lowered.

Add the next check under — the test_drip_transferToDev() technique.

 perform test_drip_reduceFaucetBalance() public {
       console.log("The tap steadiness needs to be lowered");
       faucet.drip(dev, amountToDrip);
       assertEq(token.balanceOf(tackle(faucet)), faucetBal - amountToDrip);
   }

This makes positive that the tokens that the dev obtained are literally despatched from the tap — in that case, the steadiness of the tap needs to be lowered.

We will be certain by operating the check suite once more : forge check

If every thing goes properly, then your output needs to be much like this:

Candy! You probably have seen, we’ve console.log statements in our check instances, however they don’t seem to be exhibiting up within the console. The reason being that Forge doesn’t show logs by default. To get the logs displayed, we have to run the command with verbosity 2 : forge check -vv will show the logs.

Additionally if there are any occasions which might be emitted by your contract, you’ll be able to view them within the assessments with verbosity three (-vvv). You will get an in depth name hint to your assessments as excessive as verbosity degree 5, which helps in higher debugging.

Alright, let’s hold including extra assessments. Now we’re going to check our fee restrict mechanism. There needs to be at the least a five-minute interval earlier than calling drip() with the identical recipient tackle.

   perform test_drip_revertIfThrottled() public {
       console.log("Ought to revert if tried to throttle");
       faucet.drip(dev, amountToDrip);

       vm.expectRevert(abi.encodePacked("TRY_LATER"));
       faucet.drip(dev, amountToDrip);
   }

vm.expectRevert(bytes32) is one other cheat code that checks if the subsequent name reverts with the given error message. On this case, the error message is TRY_LATER. It accepts the error message as bytes not as a string, therefore we’re utilizing abi.encodePacked.

Should you bear in mind, I discussed that Forge ships with a fuzzer out-the-box. Let’s give it a strive.

We mix the assessments test_drip_transferToDev and test_drip_reduceFaucetBalance, and as a substitute of passing the inputs manually, we’d permit the fuzzer to enter the values in order that we are able to guarantee that our contract handles completely different inputs.

   perform test_drip_withFuzzing(tackle _recipient, uint256 _amount) public {
       console.log("Ought to deal with fuzzing");
       /// inform the constraints to the fuzzer, in order that the assessments do not revert on unhealthy inputs.
       vm.assume(_amount <= 100);
       vm.assume(_recipient != tackle(0));
       uint256 _inititalBal = token.balanceOf(_recipient);
       faucet.drip(_recipient, _amount);
       uint256 _balAfterDrip = token.balanceOf(_recipient);
       assertEq(_balAfterDrip - _inititalBal, _amount);
       assertEq(token.balanceOf(tackle(faucet)), faucetBal - _amount);
   }

Fuzzing is property-based testing. Forge will apply fuzzing to any check that takes at the least one parameter.

Whenever you execute the check suite, you’ll find the next line within the output:

[PASS] test_drip_withFuzzing(tackle,uint256) (runs: 256)

From the above output we are able to infer that the Forge fuzzer known as the test_drip_withFuzzing() technique 256 occasions with random inputs. Nonetheless, we are able to override this quantity utilizing the FOUNDRY_FUZZ_RUNS setting variable.

Now, allow us to add a pair extra assessments for the owner-only technique setLimit()

perform test_setLimit() public {
       console.log("Ought to set the restrict when known as by the proprietor");
       faucet.setLimit(1000);

       /// the restrict needs to be up to date assertEq(faucet.restrict(), 1000); } perform test_setLimit_revertIfNotOwner() public { console.log("Ought to revert if not known as by Proprietor"); /// Units the msg.sender as dev for the subsequent tx vm.prank(dev); vm.expectRevert(abi.encodePacked("Ownable: caller is just not the proprietor")); faucet.setLimit(1000); }

Within the test_setLimit_revertIfNotOwner() technique, a brand new cheatcode vm.prank(tackle) is used. It pranks the vm by overriding the msg.sender with the given tackle; in our case it’s dev. So, the setLimit() ought to revert with the caller is just not the proprietor message as our Faucet contract inherits the Ownable contract.

Okay allow us to guarantee that no assessments fail by operating forge check once more.

Candy 🥳 Now it’s time for deployment.

Contract deployment to Kovan testnet

Create a brand new file from .env.instance file and title it as .env. Please fill your INFURA_API_KEY and the PRIVATE_KEY (with Kovan testnet funds).

As soon as all of the fields are populated, you might be all set for deployment to Kovan. Earlier than deploying the tap, we have to deploy our ERC20 token.

You could find the deployment scripts contained in the scripts listing, and deploy the MockERC20 token to Kovan testnet by executing the ./scripts/deploy_token_kovan.sh bash script.

The output would look one thing like this:

Deployer: (YOUR_DEPLOYMENT_ADDRESS)

Deployed to: 0x1a70d8a2a02c9cf0faa5551304ba770b5496ed80

Transaction hash: 0xa3780d2e3e1d1f9346035144f3c2d62f31918b613a370f416a4fb1a6c2eadc77

To guarantee that the transaction truly went by means of, you’ll be able to search the transaction hash in https://kovan.etherscan.io

Copy the Deployed to: tackle, as it’s the tackle of the MockERC20 token that we must always use for deploying our Faucet contract. To deploy the tap, you’ll be able to execute the ./scripts/deploy_faucet_kovan.shscript.

It would immediate you to enter the token tackle; then enter the copied MockERC20 token tackle that was deployed earlier.

The output ought to look one thing like this:

Woohoo 🚀🚀 Now we have efficiently compiled, examined, and deployed our contract to the Kovan testnet utilizing Forge

We nonetheless have to confirm the contract on Etherscan and in addition mint some MockERC20 tokens to the Faucet (you need to use forged for this!) for it to work as supposed. I’ll depart this to you guys as an train to strive it yourselves!

As all the time, you’ll find the GitHub repository for this text right here.

Conclusion

On this article we solely coated a couple of items of Forge. Foundry is a really highly effective framework for sensible contracts and it’s quickly creating as properly.

There are extra cool options like code-coverage, contract verification, gasoline snapshots, name traces, and interactive debugging. Be at liberty to mess around with the repo by testing out extra options. Glad coding 🎊